top of page

GDPR POLICY

GENERAL DATA PROTECTION REGULATION (GDPR)

EFFECTIVE FROM: JANUARY 31, 2021

ABOUT GDPR

 

  1. The General Data Protection Regulation (GDPR) - which came into force on May 25th, 2018 - aims to protect the fundamental right to privacy and the protection of the personal data of European Union (EU) citizens. 

  2. This regulation affects any entity (including websites) that processes EU citizens' personal data.

  3. Whether or not an individual, or a business, is located in the EU; if they have EU site visitors or, if their marketing campaigns target EU citizens, this affects them. 

 

BUILDING A GDPR-COMPLIANT WEBSITE WITH WIX

 

  1. Wix is a DIY (do-it-yourself) platform that aims to make it easy to use their platform to comply with privacy and data protection laws like the GDPR.

  2. Wix provides specific tools to help give site visitors control over their personal data. These tools implement technical and security measures to ensure that customers’ personal data is protected as it crosses borders.

 

CONFORMATION TO GDPR REQUIREMENTS

 

  1. Transparency and communication with site-visitors are key elements of the GDPR.

  2. As part of the regulation, NCBL must let site-visitors know how we collect, store and use their data - in a clear and transparent way.

  3. In addition, we must comply with site-visitors' requests to receive a copy of their data that is processed on our site.

  4. The NCBL Privacy Policy is a statement that discloses the ways in which our website gathers, uses, discloses, and manages site-visitors' data.

  5. NCBL maintains a clear and comprehensive privacy policy for our website, in accordance with both GDPR and local privacy regulations, as per sections 4, 12, and 13 of Wix's Privacy Policy

 

ABOUT DATA STORAGE & DATA TRANSFERS

 

  1. Wix can store site-visitors' data in a number of locations.

  2. Site-visitors ́ personal information may be stored in data centers located in the United States of America, Ireland, South Korea, Taiwan, and Israel.

  3. We may use other jurisdictions as necessary for the proper delivery of services and/or as may be required by law.

  4. Wix is a global company that respects the laws of the jurisdictions it operates within.

  5. The processing of the User Customer Data may take place within the territory of the European Union, Israel or a third country, territory, or one or more specified sectors within that third country, of which, the European Commission has decided that it ensures an adequate level of protection (transfer on the basis of an adequacy decision). 

 

ABOUT COOKIES & COOKIE BANNERS

 

  1. GDPR requires that NCBL get affirmative consent from site visitors before placing non-essential cookies (and similar technologies) on their devices.

  2. In general, the cookies which are initially placed on our Wix website may be categorized as essential cookies: security, anti-fraud, and other purposes related to the specific functionality of our service. 

  3. The Wix platform gives NCBL the ability to add multiple components, codes, third-party applications...and so on. These apps and integrations make it possible that our website will include other types of cookies that might require affirmative GDPR consent.

 

CONSENT TO PROCESS SITE VISITORS' DATA

 

  1. GDPR establishes ways in which NCBL can lawfully process site-visitors’ data. Requesting consent is just one of the ways to lawfully process data.

  2. Sometimes consent will not be the best method for our business.

  3. NCBL uses the best and most appropriate data processing method for our business. We receive 'affirmative consent' from site-visitors before processing site-visitors’ data, by:

    1. Displaying a Cookie Banner

    2. Using Wix-supported Forms to Receive Explicit Consent

 

CONSENT FOR MARKETING CAMPAIGNS

 

  1. Email marketing campaigns, including Wix Email Marketing, MailChimp, Constant Contact, or any other email marketing tools require consent from site-visitors.

  2. Consent to receive marketing campaigns can be interpreted and applied in different ways on our site. For example, NCBL can add a disclaimer next to our 'Subscribe' button informing site-visitors that clicking the button will subscribe them to our marketing campaigns. This is called 'implied consent'.

  3. While it is not obligatory under GDPR when sending marketing emails to existing customers, NCBL may request 'explicit consent' from site-visitors before sending them any marketing material.

ENSURING THIRD-PARTY APPS ARE GDPR-COMPLIANT

 

  1. As part of the GDPR, NCBL is responsible for any third-party apps or services implemented on our site.

  2. These services can include data analytics tools (e.g. Google Analytics, Facebook pixel...et cetera). 

  3. While reviewing our Wix site for GDPR compliance, we make sure that these apps and services are also GDPR compliant.

USING WIX TOOLS TO ACCESS & DELETE SITE VISITORS' DATA

 

  1. In accordance with GDPR, site-visitors have the right to access their data or ‘be forgotten’ (be permanently deleted from our databases).

  2. Wix has developed tools to assist NCBL in becoming GDPR compliant:

  3. Right to access. Learn more.

  4. Right to be forgotten. Learn more.

 

WIX AND THE GDPR

 

  1. Customer trust is Wix’s absolute top priority. 

  2. Wix has worked with a team of experts and has implemented the required adjustments to their products, services, and documentation, to ensure compliance with the GDPR. This empowers Wix customers to get more control over their personal data and gain the tools necessary to protect the information of visitors to Wix sites. 

  3. Wix is dedicated to data protection and has effectively reinforced this over the past 10 years. 

  4. Wix employs full-time security consultants, dedicated to the security of their customer information. Click here to learn more. 

  5. Wix is Payment Card Industry Data Security Standards (PCI DSS) compliant and is accredited as a level 1 service provider and merchant. This standard helps create a secure environment by increasing cardholder data, thus reducing credit card fraud.

  6. Wix regularly performs internal security audits to maintain its ISO/PCI security certifications. Click here to learn more. 

  7. Wix's signup and login services are completed through a secure server (HTTPS/SSL). Click here to learn more. 

  8. Wix uses cryptography hash functions to protect information. Passwords are stored as a hash digest and, in the event of a security breach, original passwords cannot be recovered from Wix servers.  

  9. Wix.com is certified under the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the U.S. Department of Commerce, regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, and therefore adheres to the Privacy Shield Principles.

  10. In accordance with the GDPR, site visitors have the right to access their data or "be forgotten" (to be permanently deleted from our databases).

EFFECTIVE FROM: JANUARY 31, 2021

12068928_970449419677853_169754629922254
bottom of page