Privacy Policy

Last updated: August 1, 2025

1. General Provisions

This Privacy Policy ("Policy") explains how Celena (business registration number 749292, registered in Ireland), managed by sole proprietor Vladimir Franco ("we", "us", "our"), collects, uses, stores and protects your personal information when using the Vexar.io platform ("Service", "Platform").

By using our Service, you agree to the terms of this Privacy Policy.

2. Policy Applicability

This Policy applies to all information we process, including:

• Information that the Platform may collect about users when using the Service
• Data of visitors to websites created using Vexar.io
• Information obtained from third parties

3. User Categories

We distinguish the following categories of users:

3.1 Vexar.io Clients — individuals who create accounts and use our website builder

3.2 Client Website Visitors — individuals who visit websites created using Vexar.io

3.3 Our Website Visitors — individuals who visit vexar.io without registration

4. What Information We Collect

4.1 Vexar.io Client Information

Registration Data:

• First and last name
• Email address
• Password (encrypted)
• Phone number (if provided)
• Company information (if provided)

Usage Data:

• IP address and geolocation
• Browser and device information
• Pages and features you use
• Time and duration of sessions
• Clicks, scrolling, actions in the editor

Content and Files:

• Texts, images, videos uploaded to the site
• Design and structure settings of the site
• Created pages and templates

Payment Information:

• Card data (processed through Stripe)
• Payment and subscription history
• Bills and receipts

4.2 Client Website Visitor Information

When visitors access websites created through Vexar.io, we may collect:

• IP address and approximate location
• Browser and device information
• Pages they visit
• Time on site and traffic sources
• Interaction with site elements (clicks, forms)

4.3 Analytics Data

We use our own analytics system to collect:

• Visit and page view statistics
• Information about conversions and goals
• Sales funnel data
• User paths through the site

5. How We Use Information

5.1 Service Provision

• Creating and maintaining your account
• Ensuring the website builder functions
• Hosting and servicing created websites
• Processing payments and subscriptions
• Providing technical support

5.2 Service Improvement

• Analyzing platform feature usage
• Developing new capabilities
• Resolving technical issues
• Optimizing performance

5.3 Communication

• Sending service operation notifications
• Informing about new features
• Technical support
• Marketing messages (with your consent)

5.4 Security and Legal Compliance

• Preventing fraud
• Ensuring platform security
• Complying with legal requirements

6. Cookies and Tracking Technologies

6.1 Types of Cookies

Necessary Cookies: for basic site operation and authentication

Analytics Cookies: for collecting usage statistics

Functional Cookies: for saving user preferences

Marketing Cookies: for advertising personalization (only with consent)

6.2 Cookie Management

You can manage cookie settings through:

• Browser settings
• Cookie consent banner (where applicable)
• Account settings

7. Information Sharing with Third Parties

7.1 Service Providers

We may transfer data to the following categories of providers:

Payment Systems:

• Stripe (payment processing)
• Other payment providers

Cloud Services:

• DigitalOcean Spaces (file storage)
• Amazon SES (email sending)
• Redis (caching)

Analytics and Marketing:

• Google Analytics integrations (by client choice)
• Facebook Pixel (by client choice)
• Other marketing tools

Domain Services:

• Openprovider (domain registration)

7.2 Legal Requirements

We may disclose information:

• Upon request from judicial authorities
• To protect our rights and interests
• When fraud is suspected
• To comply with applicable legislation

7.3 Business Transfer

In case of sale, merger or transfer of our business, user data may be transferred to the new owner.

8. International Data Transfer

Your data may be processed and stored in:

• Ireland (main servers)
• United Kingdom (DigitalOcean servers)
• USA (some third-party services)

We ensure adequate protection during international data transfer in accordance with applicable legislation.

9. Data Security

9.1 Technical Measures

• SSL/TLS encryption for all connections
• Password encryption
• Regular security updates
• Security monitoring

9.2 Organizational Measures

• Limited access to personal data
• Employee security training
• Regular security audits

10. Data Retention Periods

Account Data: until account deletion + 30 days

Payment Information: 7 years (for tax accounting)

Logs and Analytics: 2 years

Backups: up to 90 days after deletion of primary data

11. Your Rights

In accordance with GDPR and other applicable data protection laws, you have the right to:

11.1 Data Access

Request a copy of all personal data we store about you

11.2 Data Correction

Correct inaccurate or incomplete personal data

11.3 Data Deletion ("right to be forgotten")

Request deletion of your personal data under certain circumstances

11.4 Processing Restriction

Restrict the processing of your personal data

11.5 Data Portability

Receive your data in a structured, machine-readable format

11.6 Processing Objection

Object to data processing for marketing purposes

11.7 Consent Withdrawal

Withdraw consent to data processing at any time

How to exercise rights: send a request to legal@vexar.io or through the support system in the control panel.

12. Jurisdiction-Specific Features

12.1 European Union (GDPR)

• Legal basis for processing: contract performance, legitimate interests, consent
• Right to file a complaint with a supervisory authority
• Additional guarantees for international data transfer

12.2 California (CCPA/CPRA)

• Right to know about categories of personal data collected
• Right to delete personal data
• Right to opt out of personal data sale
• Right to non-discriminatory treatment

12.3 Other Jurisdictions

We comply with local data protection laws applicable to our users.

13. Children

Our services are not intended for persons under 16 years of age. We do not knowingly collect personal data from children under 16. If you become aware that a child has provided us with personal data, contact us to delete such information.

14. Branding on Free Accounts

Websites created using the free plan display the branding "Site powered by vexar.io". This does not affect the processing of personal data of visitors to such sites.

15. Changes to the Privacy Policy

We may update this Privacy Policy. For significant changes, we will notify you:

• By email
• Through notifications in the control panel
• By posting on our website

The date of the last change is indicated at the beginning of the document.

16. Contact Information

For questions related to this Privacy Policy, contact:

Email: legal@vexar.io

Postal Address: Celena, The Maldron Arena, Whitestown Way, Dublin 24, Ireland, D24 XC9W

Technical Support: through the ticket system in the control panel

17. Supervisory Authorities

If you are in the EU, you have the right to file a complaint with your local data protection supervisory authority. In Ireland, this is the Data Protection Commission (www.dataprotection.ie).

Celena
Volodymyr Franko
The Maldron Arena, Whitestown Way
Dublin 24, Ireland
D24 XC9W