Skip to main content

Last updated: March 9, 2026

Pyxsoft Computing Ltd. ("the Company", "we", "us") is committed to protecting your privacy and personal data. This Privacy Policy explains how we collect, use, store, and share your information when you use the PowerWAF service ("the Service") and our website www.powerwaf.com, in compliance with the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the UK GDPR, and other applicable data protection laws.

1. Data Controller

The data controller responsible for processing your personal data is:

Pyxsoft Computing Ltd. Email: privacy@powerwaf.com

2. What Data We Collect

We collect and process the following categories of personal data:

  • 2.1. Account Information: Name, email address, company name, and billing address provided during registration.
  • 2.2. Payment Data: Payment method details (processed by our third-party payment processor; we do not store full credit card numbers).
  • 2.3. Technical Data: IP addresses, browser type and version, operating system, referral source, and pages visited on our website.
  • 2.4. Service Usage Data: Traffic logs, security events, and configuration data related to your use of the WAF/CDN service.
  • 2.5. Communication Data: Content of emails, support tickets, and other communications with us.
  • 2.6. Cookie Data: Information collected through cookies and similar technologies (see Section 9).

3. Legal Basis for Processing

We process your personal data based on the following legal grounds under Article 6 of the GDPR:

  • 3.1. Contract Performance (Art. 6(1)(b)): Processing necessary to provide the Service, manage your account, and process payments.
  • 3.2. Legitimate Interest (Art. 6(1)(f)): Processing necessary for our legitimate interests, such as improving the Service, detecting fraud, ensuring network security, and sending service-related communications.
  • 3.3. Legal Obligation (Art. 6(1)(c)): Processing required to comply with applicable laws, such as tax and accounting obligations.
  • 3.4. Consent (Art. 6(1)(a)): Where we rely on your consent (e.g., marketing communications), you may withdraw it at any time by contacting us at privacy@powerwaf.com.

4. How We Use Your Data

We use your personal data for the following purposes:

  • Providing and maintaining the Service;
  • Processing payments and managing subscriptions;
  • Communicating with you about your account, service updates, and support requests;
  • Detecting and preventing security threats, fraud, and abuse;
  • Analyzing usage patterns to improve the Service;
  • Complying with legal obligations;
  • Sending marketing communications (only with your consent).

5. Data Sharing and Third Parties

We do not sell your personal data. We may share your data with:

  • 5.1. Service Providers: Third-party providers who assist us in operating the Service (e.g., payment processors, hosting providers, email delivery services). These providers are contractually bound to process data only on our instructions and in compliance with the GDPR.
  • 5.2. Legal Requirements: When required by law, regulation, or legal process, or to protect the rights, property, or safety of the Company, our users, or the public.
  • 5.3. Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.

6. International Data Transfers

Your data may be processed in countries outside the European Economic Area (EEA) or the United Kingdom. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission;
  • UK International Data Transfer Agreement or Addendum, where applicable;
  • Adequacy decisions by the European Commission or UK government.

7. Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes described in this policy:

  • Account data: Retained for the duration of your account and up to 12 months after account closure.
  • Billing data: Retained for up to 7 years after the transaction, as required by tax and accounting laws.
  • Technical and usage data: Retained for up to 24 months.
  • Communication data: Retained for up to 36 months after the last interaction.

When data is no longer needed, it is securely deleted or anonymized.

8. Your Rights

Under the GDPR and UK GDPR, you have the following rights regarding your personal data:

  • 8.1. Right of Access (Art. 15): You may request a copy of the personal data we hold about you.
  • 8.2. Right to Rectification (Art. 16): You may request correction of inaccurate or incomplete data.
  • 8.3. Right to Erasure (Art. 17): You may request deletion of your personal data, subject to legal retention obligations.
  • 8.4. Right to Restriction (Art. 18): You may request that we restrict the processing of your data in certain circumstances.
  • 8.5. Right to Data Portability (Art. 20): You may request your data in a structured, commonly used, machine-readable format.
  • 8.6. Right to Object (Art. 21): You may object to processing based on legitimate interests, including profiling and direct marketing.
  • 8.7. Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, contact us at privacy@powerwaf.com. We will respond within 30 days of receiving your request, as required by law.

9. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to:

  • Ensure proper functionality of the website;
  • Analyze website traffic and usage (analytics);
  • Remember your preferences.

You can manage your cookie preferences through your browser settings. For more details, see our cookie banner on the website.

10. Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

  • Encryption of data in transit (TLS/SSL);
  • Access controls and authentication mechanisms;
  • Regular security audits and monitoring;
  • Staff training on data protection.

11. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated at least 30 days in advance via email or a prominent notice on our website. The "Last updated" date at the top of this page indicates when the policy was last revised.

13. Complaints

If you believe that your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority:

  • United Kingdom: Information Commissioner's Office (ICO) — ico.org.uk
  • European Union: The data protection authority in your country of residence. A list is available at edpb.europa.eu.

14. Contact Information

For any questions or requests regarding this Privacy Policy or your personal data, please contact:

Pyxsoft Computing Ltd. Data Protection Contact: privacy@powerwaf.com General Inquiries: legal@powerwaf.com