PagePilot Privacy Policy

Last updated: January 13, 2026

This Privacy Policy explains how PagePilot ("PagePilot", "we", "us", or "our") collects, uses, and shares information when you visit our websites, use the PagePilot platform, or otherwise interact with us. PagePilot is owned and operated by DLVX Studio SRL, a company registered in Belgium under number BE0802.384.691 with offices at Chaussée de Wavre 287, 1390 Grez-Doiceau, Belgium. It also describes your choices. If you disagree with this Policy, please do not use the Services.

1. Scope, Definitions & Data Controller

• Services: The PagePilot multi-tenant website platform, public sites, admin dashboard, APIs, documentation, acceptance environments, and related support.
• Customer: An organization that creates a PagePilot tenant.
• End User: A visitor to a Customer’s public website or an individual whose data is stored in a tenant.
• Personal Data: Any information relating to an identified or identifiable person.
• Data Controller: For the purposes of EU/UK data protection law, the controller of data we collect directly (e.g., marketing, support, or platform account data) is DLVX Studio SRL, Chaussée de Wavre 287, 1390 Grez-Doiceau, Belgium (BE0802.384.691).

2. Information We Collect

1. Account & Profile Data
   • Contact information (name, business name, email, phone) provided during sign-up or support interactions.
   • Authentication data (hashed passwords, access tokens).
2. Tenant & Content Data
   • Business descriptions, sections, images, location details, hours, bookings, or other content uploaded through the admin dashboard.
   • Contact form submissions and inbox messages.
3. Usage & Diagnostics
   • Log files (IP addresses, browser type, timestamps, referring/exit pages).
   • API usage metrics, feature telemetry, performance data, crash reports.
4. Support & Communications
   • Emails or tickets sent to [email protected] or other aliases.
   • Survey responses, beta feedback, or webinar attendance information.
5. Cookies & Similar Technologies
   • We use cookies or local storage to maintain sessions, remember preferences, and measure aggregate traffic. Visitors can adjust browser settings to limit cookies, but some features may not function properly.

Information is collected directly from you, automatically when you use the Services, or from third-party providers (e.g., analytics or payment partners) where permitted by law.

3. How We Use Information

• Provide, maintain, and secure the Services.
• Authenticate users, prevent fraud, and enforce acceptable use policies.
• Deliver tenant content to end users and process contact submissions.
• Respond to requests, provide support, and send transactional notices.
• Analyze usage to improve reliability, features, and user experience.
• Send marketing or onboarding communications (you can opt out anytime).
• Comply with legal obligations, dispute resolution, and contractual requirements.

4. Legal Bases (EEA / UK Visitors)

When GDPR or similar laws apply, we rely on these legal bases:

• Performance of a contract (e.g., providing the SaaS platform).
• Legitimate interests (e.g., securing and improving the Services, preventing abuse).
• Consent (e.g., certain marketing emails or cookies where required).
• Compliance with legal obligations.

5. Sharing & Disclosure

We do not sell personal data. We share information:

• Service Providers: Hosting (e.g., cloud infrastructure), database, email delivery (SMTP/SendGrid), analytics, and customer support tools that process data on our behalf under contract.
• Customers: End-user data submitted through tenant forms is made available to the relevant Customer.
• Legal & Safety: When required by law or to respond to lawful requests, protect rights, property, or users, and detect or prevent fraud/security issues.
• Business Transfers: In connection with mergers, acquisitions, financing, or sale of assets, subject to confidentiality and safeguards.

6. Data Retention

• Customer Content persists for the life of the subscription and a limited period thereafter (typically 30 days) unless deletion is requested sooner.
• Log and telemetry data are retained for operational needs (generally up to 12 months) unless longer retention is required for legal or security reasons.
• We retain support communications as needed to resolve issues and maintain records.

7. International Transfers

PagePilot may process and store information in countries other than where it was collected. When transferring personal data internationally, we implement safeguards such as Standard Contractual Clauses or comparable protections consistent with applicable law.

8. Security

We implement technical and organizational safeguards (encryption in transit, role-based access, monitoring, rate limiting, and backups) designed to protect data. No system is completely secure; customers should export critical data regularly and notify [email protected] of vulnerabilities or suspected incidents.

9. Your Choices & Rights

Depending on your location, you may have rights to:

• Access, correct, or delete your personal data.
• Object to or restrict processing.
• Receive a portable copy of certain information.
• Withdraw consent where processing is based on consent.
• Opt out of marketing communications by using unsubscribe links or contacting us.

Requests can be sent to [email protected] or [email protected]. We may need to verify your identity before responding. If we act as a processor on behalf of a Customer, we will direct you to that Customer to exercise your rights.

California (CCPA/CPRA) residents have the right to know, delete, and correct certain personal information and to opt out of sharing for cross-context behavioral advertising. PagePilot does not sell personal information, but we honor verified requests submitted through the channels above.

10. Children

The Services are not directed to children under 16, and we do not knowingly collect personal information from them. If we learn that data from a child has been collected, we will delete it promptly.

11. Third-Party Services

Customer sites or the Services may link to third-party platforms. Their privacy practices are governed by their own policies. Customers are responsible for ensuring that third-party embeds or integrations used in their tenant comply with applicable privacy laws.

12. Changes to this Policy

We may update this Privacy Policy to reflect regulatory, technical, or business changes. Updates will be posted here with a new effective date. If changes materially affect your rights, we will provide additional notice (e.g., email or dashboard banner).

13. Contact

For privacy questions, data requests, or complaints, contact the data controller (DLVX Studio SRL):

• Email: [email protected] or [email protected]
• Mail: DLVX Studio SRL (BE0802.384.691), Chaussée de Wavre 287, 1390 Grez-Doiceau, Belgium
• Security Issues: [email protected]

If you are in the EEA/UK and believe we have not adequately addressed your concern, you may lodge a complaint with your local supervisory authority.