Privacy Policy

What we collect, why, on what legal basis, and your rights. Last updated 11 June 2026.

1. Who is responsible for your data

The data controller for personal data described in this policy is Kevin Fahey, trading through Results With Kevin / ResultsAIx, established in Portugal ("we", "us").

  • Privacy contact: info@onlineimsupport.com
  • We are not required to appoint a Data Protection Officer; the contact above handles all privacy matters.

2. The short version

  • We collect the minimum needed to deliver licenses, updates, and support.
  • We never sell personal data. We never run third-party advertising trackers on this site.
  • Content on your own WordPress site stays on your site — our plugins don't send it to us.
  • You can get a copy of your data, or have it deleted, with one email.

3. What we collect, why, and on what legal basis

DataWhere it comes fromPurposeLegal basis (GDPR Art. 6)
Name, email, transaction ID, product purchased, amountThe marketplace you bought through (WarriorPlus, ClickBank, Stripe, PayPal) sends us a copy via payment notificationIssue your license, deliver the product, provide support, handle refunds(b) performance of a contract
License-validation pings: your site's domain, plugin version, license keyYour WordPress plugin, automaticallyValidate licenses, deliver updates, enforce seat limits(b) contract; (f) legitimate interest in preventing license abuse
Server logs: IP address, user agent, timestampsAutomatic, when you visit our sites or our endpoints are calledSecurity, abuse and fraud prevention, debugging(f) legitimate interest in running secure infrastructure
Support tickets: name, email, message, attachments you choose to sendYou, via the contact form or support deskAnswer your questions, fix problems(b) contract; (f) legitimate interest
Newsletter activity: email, opt-in date, opens/clicksYou, when you opt in via AWeber formsSend product news and marketing you asked for(a) consent — withdraw anytime via the unsubscribe link
Accounting records of purchasesMarketplacesTax and accounting compliance(c) legal obligation

4. What we deliberately don't collect

  • Your browsing behaviour outside our own sites — no ad-network pixels, no cross-site tracking.
  • Content you create with our AI tools in bring-your-own-key setups — those queries go directly from your site to your AI provider using your key.
  • Your WordPress site's content, customers, or analytics. Data your plugins process on your site (e.g. your buyers' conversions in WP Conversion Tracker) is stored in your WordPress database, under your control. For that data, you are the controller and we are not a recipient.
  • Payment card numbers — these never touch our systems; the marketplaces process all payments.
  • Special-category data (health, beliefs, etc.) — we have no use for it; please don't send it in support tickets.

5. Who we share data with (processors & recipients)

We never sell personal data. We share it only with service providers who help us run the business, under contracts that restrict their use of it:

ProviderRoleLocation
WarriorPlus, ClickBank, Stripe, PayPalPayment processing (independent controllers for the payment itself)USA
AWeberEmail newsletter delivery and opt-in analyticsUSA
Freshdesk (Freshworks)Support ticketing — only when you contact supportUSA/EU
Our hosting and CDN/security providersWebsite, license server, and download hosting; DDoS/WAF protectionEU/USA
Anthropic, OpenAI, GoogleAI processing when you use hosted AI features — your queries are processed under their termsUSA

We may also disclose data where required by law, to enforce our terms, or in connection with a business sale or reorganisation (with notice).

6. International transfers

Some providers above are in the United States. Where personal data leaves the EU/EEA, we rely on the European Commission's adequacy decision for the EU–US Data Privacy Framework for certified providers, and otherwise on Standard Contractual Clauses (SCCs) plus supplementary measures. You can request a copy of the relevant safeguards via the privacy contact.

7. How long we keep data

DataRetention
Purchase and license recordsLife of the license, then up to 2 years (to honour re-issues and refund disputes)
Accounting/tax records10 years (Portuguese tax law)
Support tickets3 years after the ticket closes
Newsletter dataUntil you unsubscribe; suppression entry kept so we don't email you again
Server logsUp to 90 days, unless needed for an active security investigation

8. Security

We use TLS encryption in transit, hashed credentials, least-privilege access to databases, separated environments, timing-safe license-key comparison, rate limiting, and audit logging on the license server. No internet system is 100% secure, but we design so that a single failure doesn't expose your data.

Breach notification: if a personal-data breach is likely to result in a risk to you, we will notify the competent supervisory authority within 72 hours of becoming aware, and affected customers without undue delay, as GDPR requires.

9. Your rights (GDPR / UK GDPR)

If you are in the EU/EEA or UK (and in practice, wherever you are), you can:

  • Access — get a copy of the personal data we hold about you.
  • Rectification — correct inaccurate data (e.g. change the email on your license with proof of ownership).
  • Erasure — have your data deleted. We'll delete everything except records we must keep by law (tax) or need for legal claims.
  • Restriction — limit how we process your data while a dispute is resolved.
  • Portability — receive the data you gave us in a machine-readable format.
  • Objection — object to processing based on legitimate interest, and to direct marketing at any time (which we always honour).
  • Withdraw consent — for consent-based processing (the newsletter), withdraw anytime via the unsubscribe link or by email; this doesn't affect processing before withdrawal.

How to exercise them: email info@onlineimsupport.com from the address connected to your purchase (or provide proof of identity if writing from another address). We respond within one month. Exercising your rights is free.

Complaints: you have the right to lodge a complaint with a supervisory authority — in Portugal, the CNPD (Comissão Nacional de Proteção de Dados, cnpd.pt), or the data-protection authority of the country where you live or work. We'd appreciate the chance to resolve it directly first.

10. California residents (CCPA/CPRA)

  • We do not sell or "share" (for cross-context behavioural advertising) personal information, and we haven't in the preceding 12 months.
  • Categories collected: identifiers (name, email, IP), commercial information (purchases), internet activity (our own site/endpoint logs only).
  • You have the rights to know, delete, correct, and to non-discrimination for exercising them. Use the same contact email; we honour these requests regardless of exact legal applicability.

11. Children

Our products and sites are for business use and not directed at children under 16. We don't knowingly collect children's data; if you believe a child has provided us personal data, contact us and we'll delete it.

12. Automated decision-making

We don't make decisions with legal or similarly significant effects about you based solely on automated processing. Automated systems are limited to things like rate-limiting and fraud signals, always with human review available.

13. Cookies

This site uses a minimal set of cookies/scripts — see the Cookie Policy for the full list and how to control them.

14. Changes to this policy

We'll update this page when our practices change and adjust the "last updated" date. Material changes are announced on the site and by email to active customers.

15. Contact

Privacy questions or requests: info@onlineimsupport.com. See also: GDPR Compliance Statement · Data Processing Addendum.