Legal

Privacy Policy

Last updated: June 2026

1. Data Controller

This Privacy Policy applies to Willo Networks LTD, a company registered in Israel, with offices at Brenner 49, Ra'anana 4360532, Israel ("Willo", "we", "us", or "our"). We operate the website at willo.media.

Willo Networks LTD is the Data Controller for personal data collected through this website, as defined under GDPR Article 13. As Data Controller, we determine the purposes and means of processing your personal data. We have not appointed a Data Protection Officer (DPO), as we are not required to do so under GDPR Art. 37 given the limited scale and nature of our data processing activities on this website.

For any privacy-related questions or to exercise your rights, contact us at: support@willo.media

2. Scope & Audience

This website is a business-to-business (B2B) platform intended solely for advertising professionals, publishers, media buyers, and potential business partners. It is not directed at consumers or individuals acting in a personal capacity. We do not knowingly collect data from individuals under the age of 18.

Because this site is strictly B2B, data submitted through the contact form relates to individuals in their professional capacity as representatives of business entities. Consumer-facing privacy protections that apply solely to natural persons acting outside their trade or profession are not the primary framework governing this website, though we comply with applicable law in all jurisdictions where we operate.

3. Data We Collect

Information you provide: When you submit our contact form, we collect:

  • Full name
  • Company name
  • Business email address
  • Phone number (optional)
  • Monthly volume or budget range
  • Role type (advertiser or publisher)
  • Division of interest (Web or Mobile)
  • Any message you include

Technical data collected automatically: When you visit our site we may automatically collect IP address, browser type, device type, operating system, referring URL, and pages visited. This data is processed by our hosting provider, Netlify, as part of standard infrastructure operations under their own privacy and data processing terms.

No sensitive data: We do not intentionally collect special categories of personal data as defined under GDPR Art. 9 (e.g., health data, racial or ethnic origin, political opinions, biometric data).

4. Legal Basis for Processing (GDPR Art. 6)

We process personal data only where we have a lawful basis. The following sets out the legal basis for each processing activity:

Contact form submissions

Basis: Consent (GDPR Art. 6(1)(a)) — you voluntarily provide your data by submitting the form. You may withdraw consent at any time by emailing support@willo.media. Withdrawal does not affect the lawfulness of processing before withdrawal.

Evaluating business partnerships

Basis: Legitimate interests (GDPR Art. 6(1)(f)) — we have a legitimate interest in assessing and responding to business inquiries from industry professionals. This interest does not override your fundamental rights, given the strictly B2B context of all submissions.

Site security and fraud prevention

Basis: Legitimate interests (GDPR Art. 6(1)(f)) — we have a legitimate interest in maintaining the security and integrity of our systems and preventing misuse.

Legal compliance

Basis: Legal obligation (GDPR Art. 6(1)(c)) — where we are required to process or retain data to comply with applicable law or regulatory requirements.

5. Automated Decision-Making & AI Processing

Willo operates a proprietary machine-learning platform called Willo CORE, which powers our media buying and campaign optimization operations. This platform processes anonymized and aggregated campaign performance data — it does not process the personal data submitted through this website's contact form.

Contact form data is not subject to automated decision-making. We do not use contact form submissions to make automated decisions that produce legal or similarly significant effects about you, as described in GDPR Art. 22. All follow-up on partnership inquiries involves human review by our team.

6. How We Use Your Data

We use the information you provide solely to:

  • Respond to your inquiry or partnership request
  • Evaluate potential business collaborations
  • Contact you with relevant follow-up communications
  • Maintain records of business communications as required by law

We do not use your data for unsolicited marketing. We do not sell, rent, share, or trade your personal information to any third party for their own marketing or commercial purposes.

7. Sharing Your Data

We do not sell or share personal data with third parties for marketing purposes. We may share data only in the following limited circumstances:

  • Service providers: Our hosting provider (Netlify) processes site traffic data as part of normal infrastructure operations under a data processing agreement and their own privacy terms.
  • Legal obligations: We may disclose data when required by law, court order, or a competent regulatory authority, and only to the extent required.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, personal data may be transferred as part of that transaction. We will notify you via email or a prominent notice on this site before your data becomes subject to a materially different privacy policy.

8. International Data Transfers

Willo Networks LTD is based in Israel. We serve business partners in the United States and the European Union. Personal data submitted through this website may be transferred to and processed in Israel.

Israel holds an EU adequacy decision: The European Commission has determined that Israel provides an adequate level of protection for personal data under EU standards (Commission Decision 2011/61/EU, updated under GDPR). Transfers of personal data from the EU/EEA to Israel are therefore lawful without additional safeguards under GDPR Chapter V.

Where we engage US-based service providers (e.g., Netlify), transfers are governed by Standard Contractual Clauses (SCCs) or equivalent mechanisms approved under GDPR Art. 46, or by the EU-US Data Privacy Framework where applicable.

9. Data Retention

Contact form submissions

Retained for up to 24 months from date of submission, or until the business inquiry is concluded, whichever is sooner. You may request earlier deletion at any time.

Server and access logs

Retained for up to 90 days for security and operational purposes, then automatically purged.

Legal hold

Where we are subject to a legal obligation to retain data for longer (e.g., regulatory requirements, litigation hold), we will retain it only for as long as required and will not use it for other purposes.

10. Cookies

Our website may use the following types of cookies:

  • Essential cookies: Strictly necessary for the site to function (e.g., security tokens, basic navigation). These cannot be disabled as they are required for the site to operate.
  • Analytics cookies: Where we use analytics tools, these collect anonymized, aggregated data on how visitors use the site (e.g., pages visited, time on site). We will request your consent before setting non-essential cookies where required by applicable law (including EU ePrivacy rules).

We do not currently use advertising cookies or cross-site tracking cookies. If this changes, we will update this policy and request consent as required. You can manage or disable cookies at any time through your browser settings, though disabling essential cookies may affect site functionality.

11. Your Rights

Depending on your location, you have the following rights regarding your personal data. To exercise any of these rights, email support@willo.media with the subject line "Privacy Rights Request." We will respond within 30 days (or within 72 hours for urgent breach-related requests).

Right of Access (GDPR Art. 15)

Request a copy of the personal data we hold about you and information about how we process it.

Right to Rectification (GDPR Art. 16)

Request correction of inaccurate or incomplete data we hold.

Right to Erasure — "Right to be Forgotten" (GDPR Art. 17)

Request deletion of your personal data where there is no compelling reason for us to continue processing it.

Right to Restriction of Processing (GDPR Art. 18)

Request that we limit how we use your data in certain circumstances (e.g., while accuracy is contested or an objection is pending).

Right to Data Portability (GDPR Art. 20)

Receive your data in a structured, machine-readable format and transfer it to another controller where technically feasible, where processing is based on consent or contract.

Right to Object (GDPR Art. 21)

Object to processing based on legitimate interests. We will cease processing unless we can demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.

Right to Withdraw Consent

Where processing is based on consent, you may withdraw it at any time without penalty. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

Israeli residents also have rights under the Protection of Privacy Law, 5741-1981, including the right to access and correct personal data held in a database. Submit requests to the same address above.

12. Right to Lodge a Complaint

If you believe we have not handled your personal data in accordance with applicable law, you have the right to lodge a complaint with a supervisory authority without prejudice to any other legal remedy.

  • EU/EEA residents: You may contact the data protection authority (DPA) in your EU Member State of habitual residence, place of work, or where the alleged infringement took place.
  • Israeli residents: You may contact the Israeli Privacy Protection Authority (PPA) at gov.il/en/departments/the_privacy_protection_authority.

We encourage you to contact us first at support@willo.media so we can attempt to resolve the matter directly and promptly.

13. California Residents — CCPA / CPRA

The California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), may apply to California residents whose personal information we process. Note that CCPA rights apply to natural persons acting as consumers; individuals who submit information to this site in a purely business capacity may have limited CCPA rights, but we honor all reasonable requests regardless.

We do not sell your personal information. Willo Networks LTD does not sell personal information to third parties as defined under the CCPA/CPRA, and has not done so in the preceding 12 months.

We do not share personal information for cross-context behavioral advertising as defined under CPRA Section 1798.140(ah), and have not done so in the preceding 12 months.

California residents have the right to:

  • Know what personal information we have collected and how it is used
  • Delete personal information we have collected (subject to exceptions)
  • Correct inaccurate personal information
  • Opt out of the sale or sharing of personal information (not applicable — we do not sell or share)
  • Limit use of sensitive personal information (not applicable — we do not collect sensitive personal information as defined under CPRA)
  • Non-discrimination for exercising your privacy rights

To submit a California privacy request, email support@willo.media with the subject line "California Privacy Request." We will respond within 45 days as required by law.

14. Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to the rights and freedoms of individuals, we will:

  • Notify the relevant supervisory authority within 72 hours of becoming aware of the breach, where required under GDPR Art. 33, unless the breach is unlikely to result in any such risk.
  • Notify affected individuals without undue delay where the breach is likely to result in a high risk to their rights and freedoms, as required under GDPR Art. 34.
  • Comply with applicable Israeli breach notification requirements under the Protection of Privacy Law and any regulations promulgated by the PPA.

Where required, notifications will be sent to the email address provided in your contact form submission and/or communicated via a prominent notice on our website.

15. Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, loss, destruction, or disclosure. These include encrypted data transmission (TLS/HTTPS), access controls, and periodic security reviews. No method of internet transmission is completely secure and we cannot guarantee absolute security, but we are committed to notifying affected parties promptly in the event of a breach.

16. Governing Law

This Privacy Policy is governed by the laws of the State of Israel, including the Protection of Privacy Law, 5741-1981 and the regulations thereunder. Where applicable, we also comply with the EU General Data Protection Regulation (GDPR) and the California Consumer Privacy Act / California Privacy Rights Act (CCPA/CPRA). In the event of conflict, the stricter applicable standard will apply.

17. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The "Last updated" date at the top of this page reflects the most recent revision. For material changes, we will provide advance notice by email (where we hold your address) or by a prominent notice on this website before the change takes effect. Continued use of the site after the effective date of changes constitutes acceptance of the updated policy.

← Back to Home