ProtectMyWebsite← Back to site

Privacy Policy

Last updated June 28, 2026

This Privacy Policy explains how ProtectMyWebsite, a sole proprietorship (“ProtectMyWebsite,” “we,” “us”) collects, uses, and protects information when you use our managed WAF service at www.wafcybersecurity.com (the “Service”).

1. Information We Collect

Account information

When you create an account we collect your email address and a securely hashed version of your password. We never store your password in plain text.

Billing information

Payments are processed by Stripe. We do not collect or store your full card number; Stripe handles card data under its own security and privacy practices. We retain billing metadata such as your subscription status, plan, and invoice records.

Website & configuration data

To provide the Service we store the domains you protect, your DNS and certificate configuration, and the firewall rules applied to each site.

Traffic & security log data

As your visitor traffic passes through the WAF, we process request metadata (such as IP address, timestamp, requested path, method, country, and which rule matched) to filter attacks and show you traffic and blocked-event statistics. Sensitive headers, including authorization and cookie values, are redacted before any request is logged. We retain only what is needed to operate the Service and show you your security activity.

2. How We Use Information

  • To provide, operate, secure, and improve the Service;
  • To provision and manage your WAF, SSL certificates, and DNS;
  • To bill you and process payments;
  • To send service, security, and account communications, including attack-spike alerts and password resets;
  • To provide support and respond to your requests; and
  • To comply with legal obligations and enforce our Terms.

3. How We Share Information

We do not sell your personal information. We share information only with service providers (“subprocessors”) that help us run the Service:

  • Amazon Web Services (AWS) — hosting, WAF, CloudFront, DNS, and log storage;
  • Stripe — payment processing; and
  • Amazon SES — transactional email delivery.

We may also disclose information if required by law, to protect our rights or the safety of others, or in connection with a business transfer.

4. Cookies & Sessions

We use a single essential authentication cookie to keep you signed in to your dashboard. We do not use third-party advertising or tracking cookies.

5. Data Retention

We retain account and configuration data for as long as your account is active. Security log data is retained only as long as needed to provide traffic and attack reporting. When you close your account, we delete or de-identify your data in the ordinary course, except where we must retain certain records (for example, billing records) to meet legal obligations.

6. Security

We protect your information using industry-standard measures, including encryption in transit, hashed passwords, encrypted backups, and least-exposure storage. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

7. Your Rights

Depending on where you live, you may have rights to access, correct, delete, or export your personal information, or to object to certain processing (for example under the California Consumer Privacy Act or the EU/UK GDPR). To exercise any of these rights, email us at support@wafcybersecurity.com. We do not sell personal information.

8. International Users

The Service is operated in the United States, and information is processed and stored on AWS infrastructure primarily in the United States. By using the Service, you understand that your information will be processed in the United States.

9. Children

The Service is not directed to children and is intended for users 18 and older. We do not knowingly collect personal information from children.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will revise the “Last updated” date above and, where appropriate, notify you of material changes.

11. Contact

Questions about your privacy? Email us at support@wafcybersecurity.com.