Wisanna Privacy Policy
Last Updated: July 10, 2026
Welcome to Wisanna.
This Privacy Policy explains how Wisanna AI Ltd (d/b/a Wisanna), a company registered in Israel (business registration no. 517319190), with registered address: Bar Kohva 117, Herzlia, 4600723, Israel ("we," "us," or "our"), collects, uses, and protects personal data when you use our website (https://wisanna.com), our web platform, our Microsoft Word Add-in, and related services (collectively, the "Service").
1. Important: Scope and Roles
To ensure clarity under privacy laws (including the GDPR), we distinguish between two types of data:
1.1. Account & Usage Data (We are the Controller):
Information about you (the user/customer), such as your registration details, billing info, and how you interact with our website. This Privacy Policy applies to this data.
1.2. Customer Content (We are the Processor):
The legal documents, case files, and text you upload or process *using* our Service (e.g., a contract you draft using Wisanna AI).
We do not own this data. We process it solely on your behalf.
This processing is governed by our Terms of Use (https://wisanna.com/legal/terms) and Data Processing Agreement (DPA) (https://wisanna.com/legal/dpa), not this Privacy Policy.
No Training: We do not use your Customer Content to train our core AI models.
2. Personal Data We Collect
We collect the minimum data necessary to provide and improve our Service.
2.1. Data You Provide to Us
Account Information: Name, email address, phone number, company name, job title, and password/authentication credentials.
Billing Information: Payment details (processed by our third-party payment providers; we do not store full credit card numbers).
Support & Communications: Content of messages you send to customer support, feedback, or forms you fill out on our website.
2.2. Data Collected Automatically (Usage Data)
When you use the Service, we automatically collect metadata to ensure security and product reliability:
Device Data: IP address, browser type, operating system, device identifiers.
Activity Data: Login timestamps, pages visited, features used, and error logs.
Cookies: We use strictly necessary cookies for authentication and security and, only with your consent, cookies for analytics and marketing. You can accept, refuse, or change your choices at any time via our cookie consent banner or the "Cookie preferences" link in the footer of every page. For details, see our Cookie Policy (https://wisanna.com/legal/cookies).
2.3. Data from Third Parties
Integrations: If you sign up via Google or Microsoft, we receive basic profile information (email, name) authorized by you.
Partners: We may receive business contact information from lead generation partners or public sources (e.g., LinkedIn) for B2B marketing purposes, subject to applicable law.
3. How and Why We Use Your Data (Legal Basis)
Under the GDPR, we process your personal data only where we have a lawful basis under Article 6(1). The table below lists each purpose, the data used, and the specific legal basis we rely on. Where we rely on legitimate interest, we have assessed that our interest is not overridden by your rights and freedoms, and you may object at any time (see Section 7). Where we rely on consent, you may withdraw it at any time, without affecting the lawfulness of processing carried out before the withdrawal.
Purpose Type of Data Legal Basis (GDPR)
Providing the Service
Creating and administering accounts, authenticating users, delivering the Service's features, providing customer support. Account Information, Support & Communications Contract — Art. 6(1)(b)
(Necessary to perform our Terms of Use)
Responding to Your Requests
Handling demo, trial, and contact requests, and scheduling demonstrations you book. Contact details and message content you submit Pre-contract steps — Art. 6(1)(b)
(Steps taken at your request prior to entering a contract)
Billing & Subscription Management
Processing payments and managing subscriptions through our payment provider (Paddle). Billing Information Contract — Art. 6(1)(b); Legal Obligation — Art. 6(1)(c)
(Tax and accounting law requires us to keep billing records)
Security & Fraud Prevention
Detecting and preventing abuse, debugging technical issues, keeping security logs, enforcing our Acceptable Use Policy. Usage Data, Device Data Legitimate Interest — Art. 6(1)(f)
(Keeping the Service safe and reliable for all users; you may object — see Section 7)
Product Improvement
Analyzing how the Service is used in order to improve features, using aggregated or de-identified data where possible. Usage Data Legitimate Interest — Art. 6(1)(f)
(Improving the Service for all users; you may object — see Section 7)
Website Analytics
Measuring website visits and user journeys with analytics cookies (Google Analytics, Microsoft Clarity). Cookie identifiers, page interactions Consent — Art. 6(1)(a)
(Used only if you accept "Analytics" in our cookie banner; change your choice anytime via "Cookie preferences")
Marketing Communications
Sending newsletters, product updates, and offers you signed up for (B2B). Name, business email, consent records Consent — Art. 6(1)(a)
(Given via the sign-up checkbox; withdraw anytime via the "Unsubscribe" link in any marketing email)
B2B Outreach to Legal Professionals
Contacting lawyers and law firms using business contact details obtained from public professional registers or partners (see Section 2.3). Name, firm, business contact details Legitimate Interest — Art. 6(1)(f)
(Relevant professional B2B context; Section 2.3 describes the sources of such data; you may opt out at any time via the unsubscribe link or by emailing privacy@wisanna.com — see Sections 7 and 8)
Advertising & Measurement
Measuring our ad campaigns and showing relevant ads (Google Ads, Meta, LinkedIn) via marketing cookies and conversion tracking. Cookie identifiers, hashed contact data for conversion measurement Consent — Art. 6(1)(a)
(Used only if you accept "Marketing" in our cookie banner; change your choice anytime via "Cookie preferences")
Legal Compliance
Keeping tax records and responding to lawful requests from courts and authorities. Account Information, Billing Information Legal Obligation — Art. 6(1)(c)
4. Sharing Your Data
We do not sell your personal data. We share data only in the following circumstances:
4.1. Service Providers (Sub-processors)
We engage trusted third-party vendors to help run our business (e.g., cloud hosting, AI model providers, payment processing, email delivery).
These vendors are contractually bound to protect your data.
A current list of our sub-processors is available at: https://wisanna.com/legal/sub-processors.
4.2. Legal Requirements
We may disclose information if required by law, subpoena, or court order, or to protect the rights, property, or safety of Wisanna, our users, or the public.
4.3. Business Transfers
If Wisanna is involved in a merger, acquisition, or asset sale, your account data may be transferred as part of that transaction.
5. International Data Transfers
Wisanna is based in Israel.
Transfers to Israel: The European Commission has recognized Israel as providing an adequate level of data protection (Adequacy Decision). This means data can flow freely from the EU to Israel.
Transfers to Other Countries (e.g., USA): Some of our service providers (like OpenAI or Google) are based in the US. We ensure these transfers are protected via the EU-US Data Privacy Framework (DPF) or Standard Contractual Clauses (SCCs).
6. Security and Retention
6.1. Security
We implement industry-standard technical and organizational measures to protect your data (e.g., encryption in transit and at rest, strict access controls). For more details, see our Security page: https://wisanna.com/legal/security.
6.2. Retention
We keep personal data only for as long as necessary for the purposes described in this Policy, and then delete or anonymize it. Our standard retention periods are:
Data Category Retention Period Notes
Account Information Life of the account + 30 days Deleted or anonymized after account closure, subject to the exceptions below
Billing & Tax Records Up to 10 years after the transaction Retention required by applicable tax and accounting law
Support & Communications 24 months after the matter is closed Kept to handle follow-ups and improve our support
Marketing & Lead Data Until consent is withdrawn, or 24 months after your last interaction Unsubscribing stops marketing immediately; a minimal suppression record is kept to honor your opt-out
Usage & Security Logs 12 months Kept for security, fraud prevention, and diagnostics; longer only if needed for an active investigation
Cookies & Similar Technologies Per cookie, up to 2 years See the durations table in our Cookie Policy (https://wisanna.com/legal/cookies)
Backups Up to 35 days (rolling) Deleted data is removed from backups automatically within this window
Where the defense of legal claims or a regulatory obligation requires it, we may retain specific records for the duration of the applicable limitation period.
7. Your Privacy Rights (GDPR)
If you are located in the EEA, UK, or Switzerland, you have the following rights regarding your Account Data:
Access: Request a copy of the personal data we hold about you.
Rectification: Correct inaccurate or incomplete data.
Erasure: Request deletion of your data ("Right to be Forgotten"), subject to legal retention needs.
Restriction: Request we pause processing your data.
Portability: Receive your data in a structured, commonly used format.
Objection: Object to processing based on "legitimate interest" or for direct marketing.
Withdraw Consent: Where processing is based on your consent (e.g., marketing emails, analytics/marketing cookies), you may withdraw it at any time, with effect for the future.
Complaint: Lodge a complaint with your local supervisory authority. In Romania, this is the Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP, www.dataprotection.ro).
To exercise these rights: Email us at privacy@wisanna.com. We may verify your identity before processing the request. We respond within one month (extendable by two further months for complex requests, in which case we will inform you).
8. Marketing Preferences
You can opt out of marketing emails at any time by clicking the "Unsubscribe" link in the email footer or contacting us. Please note that even if you opt out of marketing, we may still send you necessary administrative emails (e.g., password resets, billing notices).
9. Children’s Privacy
Our Service is a B2B professional tool and is not intended for individuals under the age of 18. We do not knowingly collect data from children.
10. Updates to this Policy
We may update this Privacy Policy from time to time. The updated version will be indicated by the "Last Updated" date above. If we make material changes, we will notify you via the Service or email.
11. Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us:
Wisanna AI Ltd (Wisanna)
Bar Kohva 117, Herzlia, 4600723, Israel
Email: privacy@wisanna.com
12. References
- Terms of Use: https://wisanna.com/legal/terms
- Data Processing Agreement (DPA): https://wisanna.com/legal/dpa
- Security Policy & TOMs: https://wisanna.com/legal/security
- Sub-processors: https://wisanna.com/legal/sub-processors