Legal

Privacy Policy

Last updated: April 19, 2026 · Compliant with GDPR (EU) and Moroccan law 09-08.

This policy describes how Webotic ("we") collects, uses and protects your personal data when you visit webotic.ma or use our services.

1. Data Controller

Webotic
N° 08, 145 Av. Allal Ben Abdellah — 10000 Rabat, Morocco
Email: contact@webotic.ma
Phone: +212 664 334 542

For data protection questions, contact our DPO at dpo@webotic.ma.

2. Data Collected

2.1 Contact form

When you fill out our contact form, we collect:

• First and last name
• Email address
• Phone number (optional)
• Company name (optional)
• Budget range
• Message content

Legal basis: explicit consent (GDPR art. 6.1.a).
Purpose: respond to your contact request and follow up with a free audit or commercial proposal.

2.2 Browsing data

We use Google Analytics 4 and Google Tag Manager Server-Side to analyze site usage. Collected data (anonymized where possible) includes:

• IP address (truncated)
• Pages visited, time on site
• Device type, browser, OS
• Traffic source (referrer)

Legal basis: legitimate interest (service improvement) and consent (Consent Mode v2).

3. Retention period

• Contact form: 3 years after last contact (commercial outreach).
• Analytics data: 14 months (GA4 setting).
• Cookies: variable duration by category (max 13 months for advertising cookies).
• Active client: contract duration + 5 years (legal obligations).

4. Data sharing

Your data is never sold. It may be shared with:

• Technical subprocessors: Google (Analytics, Ads), Meta (CAPI), o2switch (hosting), HubSpot/Pipedrive (CRM if applicable).
• Authorities: only upon legal request.

All subprocessors are contractually bound to GDPR. Transfers outside the EU (notably the United States) are covered by Standard Contractual Clauses.

5. Cookies

We use the following cookies:

• Essential: session, preferences (exempt from consent).
• Analytics: _ga, _gid (Google Analytics 4) — audience measurement.
• Advertising: _fbp (Meta), NID (Google Ads), tt_pixel (TikTok) — set only after explicit consent via Consent Mode v2.

You can withdraw consent at any time via the cookie banner or your browser settings.

6. Your rights

Under GDPR and Moroccan law 09-08, you have the following rights:

• Access: obtain a copy of data concerning you.
• Rectification: correct inaccurate data.
• Erasure ("right to be forgotten"): request deletion of your data.
• Objection: refuse processing for outreach purposes.
• Portability: retrieve your data in a structured format.
• Restriction: freeze processing in certain cases.

To exercise these rights, email dpo@webotic.ma. We respond within 30 days maximum.

For unresolved disputes, you may contact the CNDP (Morocco's data protection authority) or the CNIL (France) for EU residents.

7. Security

We implement appropriate technical and organizational measures: HTTPS (TLS 1.3), at-rest encryption, restricted data access, encrypted backups, access logging, GDPR training for staff.

8. Changes

This policy may be updated. The last modification date appears at the top. For material changes, we'll notify you via email or a site banner.

9. Contact

For questions: contact@webotic.ma or dpo@webotic.ma.

See also: Legal notice