Nubesti LLC (doing business as WPsigner) ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you visit our website wpsigner.com including any other media form, media channel, mobile website, or mobile application related or connected thereto (collectively, the "Site") or use our WordPress plugin (the "Plugin").

Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the site or use the plugin.

1. Identification of the Data Controller

For the purposes of the General Data Protection Regulation (GDPR), the Brazilian General Data Protection Law (LGPD), and other applicable data protection laws, the Data Controller is:

Company Name: Nubesti LLC
Registration State: Delaware, United States
Physical Address: 1111B S Governors Ave STE 23840, Dover, DE 19904, USA
Data Protection Officer (DPO): Contact Us

2. Interpretation and Definitions

Definitions

Personal Data: Any information that relates to an identified or identifiable individual.
Usage Data: Data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).
Cookies: Small files placed on Your device by a website, containing details of Your browsing history on that website among its many uses.
Data Processor: A natural or legal person who processes the data on behalf of the Data Controller.

3. Collection of Your Data

We collect data to provide and improve our Service. The types of data collected include:

A. Personal Data

While using our Service, we may ask You to provide specific personally identifiable information, including but not limited to:

Identity Data: First name, last name, username.
Contact Data: Email address, telephone number, billing address, shipping address.
Financial Data: Partial payment details (e.g., last 4 digits) for verification. Note: We do not store full credit card numbers directly on our servers.

B. Derivative Data & Telemetry (The Plugin)

When you install and activate the WPsigner Plugin, our servers may collect the following for license verification and software updates:

Domain URL

To validate license usage limits.

License Key

To authenticate your subscription.

WP & PHP Version

To serve compatible updates.

Plugin Version

To trigger update notifications.

C. Tracking Technologies and Cookies

We use Cookies and similar tracking technologies (like beacons, tags, and scripts) to track activity on our Site. We use:

Necessary Cookies: Essential for authentication and security.
Functionality Cookies: To remember your preferences.
Analytics Cookies: Administered by Google Analytics and Meta Pixel to track website traffic and user behavior.

4. Determines Lawful Basis

We process Personal Data under the following lawful bases (GDPR Art. 6):

Purpose/Activity	Type of Data	Lawful Basis
To register you as a new customer	Identity, Contact	Performance of a Contract
To process your order (Payment)	Identity, Financial, Contact	Performance of a Contract
License Verification & Updates	Technical, Usage	Legitimate Interests (Fraud)
To administer and protect our business	Identity, Technical	Legal Obligation
To deliver relevant content/ads	Contact, Usage, Profile	Consent (via Banner)

5. Disclosure of Your Information (Processors)

We may share information we have collected about you in certain situations. Your information may be disclosed as follows:

Third-Party Service Providers (Processors)

Payment Processing

Stripe, PayPal, Paddle (Global), Bold (Colombia)

GDPR Compliant

Cloud Infrastructure

Cloudflare (CDN), AWS (Hosting)

SOC2 Certified

Analytics & Ads

Google Analytics 4, Meta (Facebook)

Requires Consent

6. International Data Transfers

Your information, including Personal Data, is processed at the Company's operating offices (United States) and in any other places where the parties involved in the processing are located.

EEA & Brazil Residents: By using our service, you acknowledge your data is processed in the USA. We rely on Standard Contractual Clauses (SCCs) and adequacy decisions to ensure your rights are protected during this transfer.

7. Data Security

We use administrative, technical, and physical security measures to help protect your personal information. These measures include:

Encryption: All data transmitted between your browser and our servers is encrypted using Secure Socket Layer (SSL) technology.
Hashing: Passwords and sensitive tokens are hashed using industry-standard algorithms (bcrypt/Argon2).
Access Control: Only authorized employees with a specific need to know (e.g., billing support) have access to personal data.

8. Data Retention Policy

Active+2yr

Account Data

7 Years

Billing Records (Tax)

Opt-Out

Marketing Data

9. Your Rights

For EEA/UK Users (GDPR)

Right to Access: Request copies of your personal data.
Right to Rectification: Request correction of inaccurate data.
Right to Erasure: Request deletion where legal grounds allow.
Right to Restriction: Temporarily stop processing of data.
Right to Portability: Receive your data in a machine-readable format.

For California Regulation (CCPA/CPRA)

Right to Know: Categories of personal information collected.
Right to Delete: Request deletion of your data.
Right to Opt-Out: We do not sell data. You may opt-out of "sharing" with ad networks via our .
Non-Discrimination: We will not discriminate against you for exercising rights.

10. Policy for Children (COPPA)

Our Service adheres to the Children's Online Privacy Protection Act (COPPA). We do not knowingly solicit information from or market to children under the age of 13.

11. Contact Us

To exercise any of these rights, or if you have questions or comments about this Privacy Policy, please contact us:

Nubesti LLC

Attn: Privacy Officer

1111B S Governors Ave STE 23840

Dover, DE 19904

United States

Privacy Policy