Privacy Policy

FixWebCo | Last Updated: February 2026

Introduction

This Privacy Policy explains how FixWebCo ("FixWebCo," "we," "us," or "our") collects, uses, shares, and protects your information when you use our services, including SMS/text messaging services subject to Application-to-Person (A2P) messaging regulations.

By using our Services, you agree to this Privacy Policy.

1. Information We Collect

Personal Information

- Name, company name, email address, phone number

- Business address and job title

Billing Information

- Billing details (processed securely by Stripe)

- We do not store credit card information

Business Data

- Company information, logos, photos

- Customer data you upload

- Communication templates

- Review and feedback data

- Website content

A2P Messaging & Phone Number Data

When you use or interact with our SMS/text messaging features:

- Mobile phone numbers provided for SMS communications

- Messaging consent records, including the date, time, and method of opt-in

- Message delivery status and engagement data (sent, delivered, read receipts)

- Opt-out and opt-in history for compliance records

- Carrier information associated with registered phone numbers

- Campaign registration data submitted to The Campaign Registry (TCR) or other A2P registry bodies

Important: We do not use phone numbers collected for SMS/A2P purposes to send marketing messages without your explicit prior written consent, and we do not share or sell these numbers to third parties for their own marketing use.

Technical Information

- IP address, browser, device type

- Usage data and analytics

- Cookies and session data

2. How We Use Your Information

Service Delivery

Provide and maintain Services, process transactions, and offer customer support.

A2P Messaging Operations

- Send transactional, operational, or marketing SMS messages only to users who have provided explicit written consent

- Register and manage SMS campaigns with carriers and registry platforms (e.g., TCR) as required by CTIA guidelines and carrier A2P policies

- Maintain consent records to demonstrate compliance with applicable messaging laws (TCPA, CTIA, CAN-SPAM)

- Process opt-out requests (e.g., STOP replies) immediately and suppress further messaging

- Honor keyword commands: STOP (unsubscribe), HELP (support info), START (re-subscribe)

Improvement

Analyze usage, develop features, and fix issues.

Communication

Send updates, security alerts, and marketing communications (with consent).

Business Operations

Fraud prevention, legal compliance, and enforcement of our Terms of Service.

3. A2P Messaging — Consent, Opt-In & Opt-Out

Consent Requirements

We only send SMS/A2P messages to individuals who have provided prior express written consent. Consent is collected through:

- Web forms with a clear disclosure statement

- In-app opt-in flows

- Other documented methods that meet TCPA and CTIA standards

Consent disclosures include:

- The identity of the sender (FixWebCo or your business)

- The nature and frequency of messages

- "Message and data rates may apply"

- How to opt out (reply STOP) and get help (reply HELP)

Opt-Out Processing

Opt-out requests via STOP, UNSUBSCRIBE, CANCEL, END, or QUIT are processed immediately and no further messages are sent

- Opt-out records are retained for compliance purposes

- Users may re-subscribe at any time by texting START

Message Frequency & Content

- Message frequency varies based on your settings and campaign configuration

- We do not send prohibited content as defined by CTIA guidelines (e.g., cannabis, hate speech, illegal substances, SHAFT categories)

- All messages include a clear opt-out instruction

4. Information Sharing

We do NOT sell your data or your customers' phone numbers.

We share data with:

- Service Providers: Hosting, payments, analytics, and SMS gateway providers (all contractually obligated to protect your data)

- A2P Registry & Carriers: We share campaign registration data (brand name, use case, sample messages) with The Campaign Registry (TCR) and wireless carriers as required for A2P 10DLC, - Toll-Free, or Short Code compliance

- Integrations: Platforms you choose to connect

- Marketing: Your company name/logo (with your permission)

- Legal: When required by law or valid legal process

- Business Transfers: In the event of a merger or acquisition

5. Cookies

We use cookies for login session management, user preferences, analytics, and advertising.

To opt out of Google personalized ads, visit google.com/settings/ads or aboutads.info.

6. Security

We use encryption, regular security audits, access controls, and secure data centers to protect your information. No system is 100% secure, and we encourage you to use strong passwords and contact us immediately if you suspect unauthorized access.

7. Data Retention

We retain your data while your account is active or as required by law.

Account deletion: Data is deleted within 90 days of a valid deletion request (contact [email protected])

SMS consent records: Retained for a minimum of 4 years after the last message or opt-out event, as required by TCPA compliance best practices

Opt-out records: Retained indefinitely to prevent accidental re-messaging

8. Your Privacy Rights

8.1 All Users (Global Rights)

- Access, correct, delete, or export your data

- Opt out of marketing communications

- Object to certain types of data processing

8.2 United States Residents

California (CCPA/CPRA)

- Know what personal information we collect, use, and share

- Request deletion of your personal information

- Opt out of the "sale" or "sharing" of personal information (we don't sell data)

- Limit use of sensitive personal information

- Non-discrimination for exercising your rights

TCPA (All US Residents)

- Withdraw consent to receive SMS/text messages at any time by replying STOP or contacting us directly

- Request records of your consent history

Virginia, Colorado, Connecticut, Utah

- Confirm whether we process your personal data

- Access and obtain a copy of your personal data

- Delete personal data you provided

- Correct inaccuracies in your personal data

- Opt out of targeted advertising and profiling

To exercise US rights: Email [email protected] with "US Privacy Request" in the subject line.

8.3 United Kingdom Residents (UK GDPR)

Rights include: access, rectification, erasure, restriction of processing, data portability, objection, and the right to withdraw consent.

Legal bases: contract performance, legitimate interests, legal obligations, and your consent.

Contact: [email protected] with "UK GDPR Request" in the subject line | Supervisory authority: ico.org.uk

8.4 European Union Residents (EU GDPR)

Rights include: access, rectification, erasure, restriction, portability, objection, and consent withdrawal.

Legal bases: contract performance, legitimate interests, legal obligations, and consent.

Contact: [email protected] with "EU GDPR Request" in the subject line | Find your local DPA: edpb.europa.eu

8.5 Swiss Residents (FADP)

Rights include: access, rectification, erasure, objection, portability, and restriction of automated decision-making.

Contact: [email protected] with "Swiss Privacy Request" | FDPIC: edoeb.admin.ch

8.6 Canadian Residents (PIPEDA)

Rights include: access, correction, and withdrawal of consent for marketing.

Contact: [email protected] with "Canadian Privacy Request" | Privacy Commissioner: priv.gc.ca

8.7 Australian Residents (Privacy Act 1988)

Rights include: access, correction, knowledge of data use, direct marketing opt-out, and anonymity where practicable.

Contact: [email protected] with "Australian Privacy Request" | OAIC: oaic.gov.au

9. International Data Transfers

Our Services are operated from Milan, Italy. We may transfer, store, and process your information in the EU (primary), the United States (cloud providers), and other locations as needed for service delivery.

Transfer safeguards:

EU/UK: Standard Contractual Clauses (SCCs) approved by the European Commission

Switzerland: Swiss-approved Standard Contractual Clauses

Other jurisdictions: Appropriate safeguards as required by local law

By using our Services, you consent to these transfers under the protections described above.

10. Country-Specific Provisions

RegionFrameworkContact/AuthorityItaly / EUEU GDPRgaranteprivacy.itUnited StatesTCPA, CCPA, state lawsoag.ca.gov/privacyUnited KingdomUK GDPR, DPA 2018ico.org.ukSwitzerlandFADPedoeb.admin.chCanadaPIPEDApriv.gc.caAustraliaPrivacy Act 1988oaic.gov.au

11. Children's Privacy

Our Services are not intended for individuals under:

16 years — General, EU, UK, Italy, Australia, Canada, Switzerland

13 years — United States (COPPA)

We do not knowingly collect personal data from children. If we discover we have, we will delete it immediately.

12. Third-Party Links

We are not responsible for third-party privacy practices. Please review the privacy policies of any third-party services before sharing information with them.

13. Policy Updates

We will notify you of material changes via:

Email to your registered address

A prominent notice on our website

At least 30 days advance notice where required by law

Your continued use of our Services after changes take effect constitutes acceptance of the updated policy.

14. Data Protection & A2P Compliance Contacts

PurposeContactGeneral Privacy[email protected] — Subject: "Privacy Request"SMS/A2P Opt-OutReply STOP to any message, or email [email protected]US Privacy[email protected] — Subject: "US Privacy Request"UK GDPR[email protected] — Subject: "UK GDPR Request"EU GDPR[email protected] — Subject: "EU GDPR Request"Swiss Privacy[email protected] — Subject: "Swiss Privacy Request"Canadian Privacy[email protected] — Subject: "Canadian Privacy Request"Australian Privacy[email protected] — Subject: "Australian Privacy Request"Data Protection Officer[email protected] — Subject: "Data Protection Officer"

15. Contact Information

FixWebCo — Privacy Officer

Email: [email protected]

Website: fixwebco.com

Location: Via Mameli 25, Giussano, Italy

Response Time: Within 30 days of request (or as required by applicable law)

Your privacy matters globally. We are committed to protecting your information across all jurisdictions, maintaining full compliance with A2P messaging regulations, and being transparent about our practices.