1. Who We Are

AAPTA SOLUTIONS LLC (“AAPTA SOLUTIONS”, “we”, “us”, or “our”) is a Wyoming limited liability company that provides managed WordPress services, design, development, security, auditing, automation, penetration testing, and WordPress cloud hosting (shared and dedicated). Our principal place of business is in the State of Wyoming, United States of America.

For the purposes of applicable data protection laws, AAPTA SOLUTIONS LLC is the data controller in respect of personal data we collect about visitors to our website and prospective clients, and a data processor in respect of personal data you upload or share with us in the course of receiving our services.

Data Protection Contact: [email protected]

2. Scope of This Privacy Policy

This Privacy Policy applies to:

• Our website at aaptasolutions.com and all associated subdomains
• Our client portal, support ticketing system, and white-labeled hosting panel
• All services provided by AAPTA SOLUTIONS LLC, whether delivered online or offline
• All communications between you and AAPTA SOLUTIONS LLC, including email, live chat, and phone

This Policy does not apply to third-party websites, services, or platforms that may be linked from our website. We encourage you to review the privacy policies of any third-party services you access through our platform.

3. Information We Collect

We collect information from you in several ways depending on how you interact with us. The categories of information we collect include:

3.1 Information You Provide Directly

• Contact & Account Information: Full name, company name, email address, phone number, billing address, and account credentials when you register for an account, request a quote, or subscribe to a plan
• Payment Information: Credit/debit card details, billing name, and billing address. Payment card data is processed by our PCI-DSS compliant payment processors and is not stored on our servers
• Service-Related Information: Website URLs, WordPress credentials (stored encrypted), server access details, and hosting configuration information provided to enable us to perform services
• Communications: Messages, support tickets, emails, chat logs, feedback, survey responses, and any other information you send to us
• Project & Business Information: Requirements, specifications, documents, images, and other materials you share with us during the provision of design, development, or other services
• Identity Verification Information: In certain cases (e.g., for high-value contracts or penetration testing engagements), we may request government-issued identification for verification purposes

3.2 Information We Collect Automatically

When you visit our website or use our online services, we automatically collect certain technical information, including:

• Log Data: IP address, browser type and version, operating system, referring URL, pages visited, time and date of visit, and time spent on pages
• Device Information: Device type, device identifiers, screen resolution, and language settings
• Cookie and Tracking Data: Information collected via cookies, web beacons, pixel tags, and similar technologies (see Section 7 for our Cookie Policy)
• Usage Data: Features used, actions taken within our client portal, service usage patterns, and error reports
• Location Data: General geographic location derived from your IP address (country and city level; we do not collect precise GPS location)

3.3 Information We Collect from Third Parties

• Payment Processors: Transaction confirmation data and payment status from our payment partners (e.g., Stripe, PayPal)
• Analytics Providers: Aggregated and anonymized usage data from Google Analytics and similar tools
• Social Media Platforms: Public profile information if you connect a social account or interact with us on social platforms
• Referral Partners & Affiliates: Contact and referral information provided by our business partners
• Publicly Available Sources: Business information such as company name and general contact details from public directories

3.4 Information We Process on Your Behalf (Data Processor Role)

When we provide managed WordPress services or hosting, we may process personal data contained on your website, in your database, or in your files (“Client Data”). This includes information about your website’s visitors, customers, or end users. We process such Client Data solely on your instructions and in accordance with our Data Processing Agreement (DPA), available upon request at [email protected].

4. How We Use Your Information

We use the information we collect for the following purposes, each supported by an appropriate legal basis:

4.1 To Provide and Manage Our Services

• Create and manage your account and service subscriptions
• Deliver WordPress maintenance, security, development, hosting, and other contracted services
• Provision and configure your hosting environment, control panel, and server resources
• Respond to support requests, troubleshoot technical issues, and manage incidents
• Process payments and manage billing and invoicing

Legal Basis: Performance of a contract; Legitimate interests.

4.2 To Communicate With You

• Send service-related notifications, including maintenance windows, security alerts, and billing reminders
• Respond to your inquiries, quotes, and support tickets
• Send transactional emails (e.g., receipts, onboarding materials, password resets)
• Send marketing communications about our services, updates, and promotions (with your consent or where permitted by law)

Legal Basis: Contract performance; Legitimate interests; Consent (for marketing).

4.3 To Improve Our Services

• Analyze usage patterns to improve website functionality, service quality, and user experience
• Conduct internal research, testing, and product development
• Generate aggregated, anonymized analytics and reports
• Monitor and improve the performance and security of our infrastructure

Legal Basis: Legitimate interests.

4.4 To Ensure Security & Prevent Fraud

• Detect, prevent, and respond to security incidents, fraud, abuse, and unauthorized access
• Verify identity for high-value service engagements
• Monitor for compliance with our Terms of Use and Acceptable Use Policy
• Conduct security audits and penetration testing activities as authorized by you

Legal Basis: Legitimate interests; Legal obligation.

4.5 To Comply With Legal Obligations

• Comply with applicable laws, regulations, and legal processes
• Respond to lawful requests from courts, regulators, and law enforcement
• Maintain records required by tax, accounting, and corporate laws
• Enforce our contractual rights and defend legal claims

Legal Basis: Legal obligation; Legitimate interests.

4.6 Marketing & Promotional Activities

With your prior consent or where we have a legitimate interest under applicable law, we may send you newsletters, promotional offers, service updates, and case studies. You may opt out of marketing communications at any time by clicking “Unsubscribe” in any marketing email or by contacting us at [email protected]. Opting out of marketing does not affect service-related communications.

5. How We Share Your Information

AAPTA SOLUTIONS LLC does not sell, rent, or trade your personal information to third parties. We may share your information in the following limited circumstances:

5.1 Service Providers & Subprocessors

We engage trusted third-party vendors to help us operate our business and deliver our services. These vendors are contractually bound to protect your data and may only process it as instructed by us. Categories of subprocessors include:

• Cloud Infrastructure & Hosting Providers: For server hosting, storage, and CDN services
• Payment Processors: Stripe, PayPal, or equivalent PCI-DSS compliant processors for payment handling
• Email & Communication Platforms: For transactional emails, support tickets, and client communications
• Analytics Providers: For website traffic analysis and service improvement (data anonymized where possible)
• Security & Monitoring Tools: Uptime monitoring, WAF, malware scanning, and intrusion detection services
• CRM & Project Management Software: For managing client relationships and service delivery workflows
• Accounting & Invoicing Software: For billing, invoicing, and tax compliance

A current list of our subprocessors is available upon written request at [email protected].

5.2 Business Partners & Affiliates

In connection with our white-label or reseller programs, we may share certain information with authorized business partners as necessary to fulfill the services you have contracted. Partners are bound by confidentiality obligations consistent with these requirements.

5.3 Legal & Regulatory Disclosure

We may disclose your information if required to do so by law or in response to valid legal processes, such as a court order, subpoena, or government request. We will notify you of such a request where permitted by law and where we have a reasonable basis to do so.

5.4 Protection of Rights

We may disclose information where we believe in good faith that disclosure is necessary to: (a) protect our rights, property, or safety; (b) protect the rights, property, or safety of our clients or third parties; (c) enforce our Terms of Use; or (d) detect or prevent fraud or security incidents.

5.5 Business Transfers

If AAPTA SOLUTIONS LLC undergoes a merger, acquisition, reorganization, sale of assets, or bankruptcy, your information may be transferred to the successor entity. We will provide notice before your personal information is transferred and becomes subject to a different privacy policy. The acquiring entity will be required to provide protections at least equivalent to those in this Policy.

5.6 Aggregated & Anonymized Data

We may share aggregated, de-identified, or anonymized data that cannot reasonably be used to identify you, for marketing, research, or industry reporting purposes. This data sharing is not subject to any restriction in this Policy.

6. International Data Transfers

AAPTA SOLUTIONS LLC is based in the United States. If you are located outside the United States, your personal information will be transferred to and processed in the US, where data protection laws may differ from those in your jurisdiction.

Where we transfer personal data from the European Economic Area (EEA), United Kingdom, or Switzerland to countries not recognized as providing an adequate level of data protection, we implement appropriate safeguards, which may include:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Data processing agreements with subprocessors incorporating equivalent protections
• Reliance on derogations for specific transfers where permitted under applicable law (e.g., your explicit consent or necessity for contract performance)

To obtain a copy of the applicable transfer mechanisms or for further information, please contact us at [email protected].

7. Cookies & Tracking Technologies

7.1 What Are Cookies?

Cookies are small text files placed on your device by websites you visit. They serve various functions, including enabling core website functionality, remembering your preferences, and helping us understand how visitors interact with our site.

7.2 Types of Cookies We Use

• Strictly Necessary Cookies: Essential for core functionality such as user authentication, session management, and security. These cannot be disabled without impairing website functionality
• Performance & Analytics Cookies: Help us understand how visitors use our website by collecting anonymous usage statistics (e.g., Google Analytics). We use this data to improve site performance
• Functional Cookies: Remember your preferences (e.g., language, time zone, login state) to provide a personalized experience
• Marketing & Targeting Cookies: Used to display relevant advertisements and track the effectiveness of our marketing campaigns. These are only placed with your consent
• Third-Party Cookies: Some cookies are placed by third-party services embedded in our site (e.g., live chat widgets, social share buttons, YouTube video embeds)

7.3 Managing Your Cookie Preferences

When you first visit our website, you will be presented with a cookie consent banner where you can accept all cookies or customize your preferences. You may update your cookie preferences at any time through the cookie settings link in our website footer.

You can also manage or delete cookies directly through your browser settings. Please note that disabling certain cookies may affect the functionality of our website and services. For more information about managing cookies, visit www.allaboutcookies.org.

7.4 Do Not Track

Some browsers transmit “Do Not Track” signals. Our website does not currently respond to these signals. However, you may use the cookie preference tools described above to control tracking on our site.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes for which it was collected, to provide and improve our services, and to comply with our legal, regulatory, accounting, and reporting obligations. Our general retention periods are:

• Account & Contract Data: Retained for the duration of our business relationship and for seven (7) years after termination, in accordance with US tax and accounting laws
• Support & Communication Records: Retained for three (3) years after the last interaction
• Website Log & Analytics Data: Retained for up to twenty-six (26) months
• Payment Records: Retained for seven (7) years for tax and financial compliance
• Security Incident Records: Retained for five (5) years
• Marketing Consent Records: Retained for three (3) years after consent is withdrawn
• Penetration Testing Reports & Engagement Records: Retained for five (5) years unless a longer period is required by law or contract

Client Data processed on your behalf (in our data processor capacity) is retained for thirty (30) days after termination of services, after which it is securely deleted unless you request earlier deletion or applicable law requires longer retention.

When retention periods expire, we securely delete or anonymize personal data in accordance with our internal data destruction procedures.

9. How We Protect Your Information

We implement robust technical, administrative, and physical security measures to protect your personal information against unauthorized access, disclosure, alteration, or destruction. Our security measures include:

9.1 Technical Safeguards

• TLS/SSL encryption for all data transmitted between your browser and our servers
• AES-256 encryption for sensitive data stored at rest, including credentials and API keys
• Web Application Firewall (WAF), intrusion detection systems (IDS), and DDoS mitigation
• Two-factor authentication (2FA) enforced for all administrative and staff accounts
• Regular automated and manual vulnerability scans and penetration tests of our own infrastructure
• Secure, segmented network architecture with least-privilege access controls

9.2 Operational Safeguards

• Access to personal data limited to employees and contractors who need it to perform their job functions
• All staff trained on data protection and security best practices
• Signed confidentiality and data processing agreements with all employees and subprocessors
• Formal incident response plan with defined escalation and notification procedures
• Regular security audits, code reviews, and third-party assessments

9.3 Limitations

Despite our efforts, no security system is completely impenetrable, and no method of data transmission over the internet is 100% secure. We cannot guarantee the absolute security of your information. If you have reason to believe that your interaction with us is no longer secure, please contact us immediately at [email protected].

10. Your Privacy Rights

Depending on your location and applicable law, you may have the following rights with respect to your personal information:

10.1 Rights Under GDPR (EEA, UK & Switzerland Residents)

• Right of Access: Request a copy of the personal data we hold about you
• Right to Rectification: Request correction of inaccurate or incomplete personal data
• Right to Erasure (“Right to be Forgotten”): Request deletion of your personal data, subject to certain legal exceptions
• Right to Restriction of Processing: Request that we limit our processing of your data in certain circumstances
• Right to Data Portability: Receive your personal data in a structured, commonly used, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for direct marketing purposes
• Rights Related to Automated Decision-Making: Not be subject to decisions based solely on automated processing that produce significant effects on you
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent, without affecting the lawfulness of prior processing

10.2 Rights Under CCPA/CPRA (California Residents)

If you are a California resident, you have the following additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA):

• Right to Know: Request disclosure of personal information we collect, use, disclose, and sell about you
• Right to Delete: Request deletion of personal information we have collected, subject to certain exceptions
• Right to Correct: Request correction of inaccurate personal information
• Right to Opt-Out of Sale or Sharing: We do not sell or share your personal information for cross-context behavioral advertising. If this changes, you will have the right to opt out
• Right to Limit Use of Sensitive Personal Information: Limit our use of sensitive personal information to what is necessary to provide the services
• Right to Non-Discrimination: We will not discriminate against you for exercising your privacy rights

To submit a CCPA request, contact us at [email protected] or toll-free at the number listed on our website. We may need to verify your identity before processing your request.

10.3 Rights for Other US State Residents

Residents of Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Texas (TDPSA), and other US states with comprehensive privacy laws may have similar rights to those described above. We will honor valid requests from residents of these states in accordance with applicable law.

10.4 How to Exercise Your Rights

To exercise any of the rights described in this Section, please submit a written request to:

Email: [email protected]

Subject Line: Privacy Rights Request – [Your Name]

We will respond to your request within thirty (30) days (or as required by applicable law). We may need to verify your identity before fulfilling your request. We will not charge a fee for reasonable requests but may charge a fee or decline requests that are manifestly unfounded, excessive, or repetitive.

If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection authority in your jurisdiction.

11. Children’s Privacy

Our services are not directed to, and we do not knowingly collect personal information from, individuals under the age of 16 (or under the applicable age of digital consent in their jurisdiction). If we learn that we have inadvertently collected personal information from a child under 16 without appropriate parental consent, we will promptly delete that information.

If you are a parent or guardian and believe your child has provided personal information to us without your consent, please contact us at [email protected] and we will take appropriate steps to remove the information.

12. Third-Party Websites & Integrations

Our website and services may contain links to third-party websites, integrations with third-party platforms (such as WordPress.org, payment gateways, CRM systems, or email marketing tools), and embedded content from external sources. This Privacy Policy applies only to AAPTA SOLUTIONS LLC and does not govern the practices of any third party.

We encourage you to review the privacy policies of any third-party services you access through or in connection with our services. AAPTA SOLUTIONS LLC is not responsible for the privacy practices or content of third-party websites or services.

13. Marketing Communications

13.1 How We Market to You

With your consent or where we have a legitimate interest under applicable law, we may contact you with information about our services, updates, promotions, industry insights, and case studies via email, SMS, or other channels.

13.2 Opting Out

You may opt out of marketing communications at any time by:

• Clicking the “Unsubscribe” link in any marketing email
• Emailing us at [email protected] with the subject line “Unsubscribe”
• Updating your communication preferences in your account dashboard

Please note that even after opting out of marketing, you will continue to receive transactional and service-related communications necessary for the operation of your account and services.

13.3 Testimonials & Case Studies

With your explicit written consent, we may feature your name, company name, website URL, or testimonial on our website, marketing materials, or social media. You may withdraw this consent at any time by contacting [email protected] and we will promptly remove your information from future marketing materials.

14. Business Clients & White-Label Resellers

If you are a business client or white-label reseller using our platform to provide services to your own end clients:

• You are the data controller for personal data belonging to your end clients
• AAPTA SOLUTIONS LLC acts as a data processor on your behalf and processes end-client data solely in accordance with your documented instructions
• You are responsible for obtaining all necessary consents and providing all required privacy notices to your end clients
• You must ensure your own privacy policy accurately reflects the services and data processing activities performed through our platform
• Upon request, we will enter into a Data Processing Agreement (DPA) with you that satisfies the requirements of GDPR Article 28 and equivalent applicable laws

To request our standard DPA, please email [email protected].

15. Automated Decision-Making & Profiling

AAPTA SOLUTIONS LLC does not use your personal information to make automated decisions that produce legal or similarly significant effects on you without human oversight. We may use automated tools for:

• Fraud detection and risk scoring (subject to human review)
• Spam filtering and abuse detection in our hosting environment
• Automated security scanning and alerting

If we introduce automated decision-making that significantly affects you, we will update this Policy and provide appropriate notice and opt-out mechanisms.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service offerings. When we make material changes, we will:

• Update the “Last Updated” date at the top of this Policy
• Notify you by email (to the address associated with your account) for material changes
• Post a prominent notice on our website for at least thirty (30) days before the changes take effect

Your continued use of our services after the effective date of any updated Privacy Policy constitutes your acknowledgment of and agreement to the updated terms. If you do not agree to the changes, you must discontinue use of our services and notify us of account termination.

We encourage you to review this Privacy Policy periodically. Older versions of this Policy are available upon request.

17. Contact Us & Complaints

17.1 Data Protection Inquiries

For any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

AAPTA SOLUTIONS LLC – Privacy Team

Email: [email protected]

General Support: [email protected]

Website: https://aaptasolutions.com/privacy-policy

We aim to respond to all privacy-related inquiries within thirty (30) days.

17.2 Supervisory Authority Complaints

If you are located in the EEA or UK and believe we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with your local supervisory authority. A list of EU data protection authorities is available at edpb.europa.eu. UK residents may contact the Information Commissioner’s Office (ICO) at ico.org.uk.

We encourage you to contact us first so that we have the opportunity to address your concerns directly before you escalate to a supervisory authority