WHYN ("we", "us", or "our") is committed to protecting your personal data. This policy explains what we collect, why, and what rights you have over your information.
1. Who we are
WHYN is a conversion systems studio. We build landing pages, automation flows, and booking systems for coaches and online sellers.
For data protection enquiries, contact us at: privacy@whyn.com
2. What data we collect
We only collect what is strictly necessary:
- →Name — To address you personally
- →Email address — To respond to your enquiry and send follow-ups you consented to
- →Phone number — Optional — only if you choose to provide it, for WhatsApp contact
- →Source — Which page or campaign you came from — for internal analysis only
- →Consent timestamp — Record that you agreed to be contacted — required by GDPR
We do not collect sensitive data, payment card details, or government IDs.
3. How we use your data
Your data is used solely to:
- Respond to your enquiry
- Send follow-up emails you have consented to
- Book a call via Cal.com (if you proceed to booking)
- Improve our services through aggregate (non-personal) analysis
We do not sell, rent, or trade your data with third parties for marketing purposes.
4. Legal basis (GDPR)
We process your data under the following legal bases:
- Consent — you explicitly tick the consent checkbox before submitting the form.
- Legitimate interest — responding to a direct enquiry you initiated.
You can withdraw consent at any time by emailing privacy@whyn.com.
5. Third-party services
We use the following third parties who may process your data:
Supabase
Database hosting (form submissions stored here) · EU / US (with appropriate safeguards)
Privacy policy ↗6. Data retention
We retain your data for a maximum of 2 years from your last interaction, unless you request earlier deletion. After this period, data is permanently deleted from our systems.
7. Your rights
Under GDPR, you have the right to:
- Access — request a copy of the data we hold on you
- Rectification — ask us to correct inaccurate data
- Erasure — ask us to delete your data ("right to be forgotten")
- Restriction — ask us to limit processing while a dispute is resolved
- Portability — receive your data in a machine-readable format
- Object — object to processing based on legitimate interest
- Withdraw consent — at any time, without affecting the lawfulness of prior processing
To exercise any of these rights, email privacy@whyn.com. We will respond within 30 days.
8. Cookies
We use essential cookies only (session management, security). We do not use advertising or tracking cookies without your explicit consent. See our Cookie Policy.
9. Security
Your data is stored in Supabase with row-level security. All transmissions use HTTPS. API keys are stored as server-side environment variables and never exposed to the client.
10. Changes to this policy
We may update this policy periodically. Material changes will be communicated via email if you are on our contact list. The "last updated" date at the top of this page reflects the most recent revision.
11. Contact
For any privacy-related questions: privacy@whyn.com