At Webflow, Inc., a Delaware corporation (hereinafter, “Webflow,” “Company,” “us,” or “we”), we respect and protect the privacy of visitors to our website, www.webflow.com, and the other websites under the webflow.com domain (collectively, the “Sites”), and our customers who use our SaaS product, web design software, tools, and related services (together with the Sites, the “Platform”).
This Global Privacy Policy (“Policy”) explains how we collect, use, disclose, and protect visitors’ and users’ information as part of the Platform. Any discussion of your use of the Platform in this Policy is meant to include your visits and other interactions with the Sites and Platforms, whether or not you are a user of Webflow’s SaaS product. If you are a resident of the European Union, European Economic Area, United Kingdom, or Switzerland, please read in addition to this Policy our EU & Swiss Privacy Policy for further information about our data collection practices and your rights.
Capitalized terms that are not defined in this Policy have the meaning given them in our Terms of Service including any relevant agreement, policy, or addendum incorporated therein and any amendments or modifications thereto.
By accessing and using our Platform, you signify your acceptance to the terms of this Privacy Policy. If you do not agree with or you are not comfortable with any aspect of this Privacy Policy, you should immediately discontinue access or use of our Platform.
HI THERE
Welcome to Webflow's Global Privacy Policy! In these boxes, you'll find our plain-English privacy policy. This part isn’t legally binding — it’s just an aid for understanding the legal language.
If you live in the European Union, European Economic Area, or Switzerland, you’ll also want to check out our EU & Swiss Privacy Policy too, as it takes precedence for you.
As is standard, your continued use of Webflow means you agree with this policy.
1. What “Personal Information” means
In this Policy, “Personal Information” means any information relating to an identifiable natural person. Except as described in this Policy, Webflow will not give, sell, rent, or loan any Personal Information to any third party.
Personal Information does not include data or information collected, derived, or otherwise generated from the use of the Platform, provided that such data has been anonymized, de-identified, and/or aggregated so as not to identify or permit the identification of any individual (“De-identified Data”), De-identified Data helps us understand trends in usage of the Platform so that we can better consider new features or otherwise tailor the Platform. In addition to collecting and using De-identified Data ourselves, we may share De-identified Data with third parties, including our customers, partners and service providers, for various purposes, including to help us better understand our customers’ needs and improve the Platform as well as for advertising and marketing purposes.
BASICALLY...
“Personal Information” is information someone can use to identify you.
2. How we collect, use, and share your Personal Information and other information
a. Information you provide to us
When you register for the Platform, we may ask for Personal Information such as your name, email address, credit card or other billing information. You may also provide at your own discretion certain related information like your personal website name, social media websites, a list of your skills, the date you started using the Platform, and a description of yourself. Additionally, as you utilize the Platform to create websites, the software continuously saves changes made by you with the server and will document items such as when you are working and saving changes, when you last opened the Designer, when sites are published, or when you perform certain tasks.
We may also retain the contents of any messages you send to us or through the Platform, and we may collect information you provide in Website Content that you post or upload to the Platform to the extent required or permitted under applicable law.
Webflow may use Personal Information you provided to operate, improve upon, and personalize the Platform, for billing identification and authentication, to contact you about the Platform and your use of the Platform, to support your use of the Platform (including by contacting you about right sizing your use of the Platform through Enterprise offerings), to send marketing materials (in accordance with applicable law), for research purposes, and to generally improve the content and functionality of the Platform.
We may also combine your Personal Information with third-party analytics — including session replay technologies — to build a broader profile of our Customers so that we can serve you better and provide custom, personalized content and information. Additionally, we may use Personal Information of our Sites visitors, Customers, and their End Users for fraud prevention, to analyze Site usage and Platform improvement, , for internal market research, troubleshooting problems, to enforce our Terms of Service, and as otherwise set forth in this Policy.
Note that we will never email you to ask for your account information. If you ever receive such an email, please forward it to privacy@webflow.com. For more information about our procedures in this regard, please review our Terms of Service.
We use financial information solely as authorized by you. While Webflow does not store your credit card information and will use commercially reasonable efforts to ensure the security of all credit card and all other Personal Information, we expressly disclaim any liability for any unauthorized access to or use of our secure servers and/or any and all personal and/or financial information stored therein, and you agree to hold Webflow harmless for any damages that may result therefrom.
b. Information we may receive from and share with third parties
We may now or in the future receive Personal Information about you from third parties. For example, if you access our Platform through a third-party connection or log-in or connect an application to Webflow, that third party you connected with may pass certain information about your use of its service to Webflow. This information could include, but is not limited to, the user ID associated with your account, an access token necessary to access that service, any information that you have permitted the third party to share with us, and any information you have made public in connection with that third-party service. You should always review, and if necessary, adjust your privacy settings on third-party websites and services before linking or connecting them to the Platform.
Webflow may also provide Personal Information to its third-party service providers (such as its credit card processors and hosting partners) as necessary to provide the necessary hardware, software, networking, storage, and other services we use to operate the Platform. We do not permit our service providers to use Personal Information we provide to them for any purpose other than providing their services to us. We execute the legally required data processing addenda with all of our service providers.
c. Application integration
To facilitate the exchange of data between third-party SaaS applications, we may need to store certain information (“App Credentials”) that helps us access these third-party SaaS application accounts on your behalf. We store your App Credentials in an encrypted form.
When we access these third-party applications on your behalf, the third-party application provides us with access to certain data. We will use, store, and disclose this data in accordance with this Policy.
You should note that Webflow shall have no liability or responsibility for the privacy practices or other actions of any third-party applications for which you provide us with App Credentials.
d. Log file information
We collect certain technical information from our Customers’ End Users. This information includes Internet Protocol (IP) addresses; the date/time a webpage or feature is accessed; the user agent string that identifies the browser or operating system to the server; installed fonts; mime-types; browser language and time zone; Silverlight data; installed plugins; HTTP headers; and screen resolution.
Webflow uses this information to monitor the volume of our customers’ website traffic. We do this, for instance, to facilitate customer billing when a tiered pricing plan is based on the number of unique visitors to a customer’s website. We also use this technical information for our own security and analytical purposes, such as to measure how many customers have published active websites using our Platform. Lastly, we may use this information to create separate analytics products that we offer to Customers — provided that analytics products would only utilize De-Identified Data — to help Customers understand how their Website Content is being used, to track conversions, and to provide other measurement metrics.
e. Other information disclosure
We may be required to disclose Personal Information to respond to subpoenas, court orders, and law enforcement or governmental requests or investigations, or to establish or exercise our legal rights or defend against legal claims. We may also share Personal Information if we believe it is necessary in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations or our Terms of Service, or as otherwise required by law.
We use or may use information collected by cookies, log files, device identifiers, and clear GIFs information to:
(a) remember information so that you will not have to re-enter it during your visit or the next time you visit the Sites or use the Platform
(b) provide custom, personalized content and information
(c) to provide and monitor the effectiveness of our Platform
(d) monitor aggregate metrics such as total number of visitors, traffic, and demographic patterns
(e) diagnose or fix technology problems
(f) help you efficiently access your information after you sign in
(g) to provide advertising to your browser or device, and
(h) automatically update the Webflow application on your mobile devices.
For more information about cookies, please see Webflow’s Cookie Policy.
We may provide Personal Information to any member of the Webflow team, including our Affiliates, provided that any such activities are in accordance with applicable law.
BASICALLY...
We ask for certain information, like your name, email address, and account credentials, to use Webflow. We use this information to run Webflow and other things mentioned in this policy (like logging and analytics). We also continuously save your work to keep it safe.
Webflow won't sell or rent your personal information to a third party.
Sometimes we aggregate user data anonymously to understand our customer base better.
We may connect with third-party services to improve your experience. These features are governed by the respective company's privacy policy, so review your privacy settings there.
We collect some information from you automatically using cookies so we know when things go wrong, or to help us understand what parts of Webflow need some improvement.
Sometimes the law or subpoenas require us to share information. We may also sometimes need to use information to investigate and prevent wrongful actions.
3. Links to other websites
The Platform contains links to websites and applications other than the Platform, including websites and applications operated by affiliates and other third parties. This Policy applies only to information collected by the Platform.
Webflow does not endorse and is not responsible for the practices of third parties or their websites or applications. We do not determine and are not responsible for the privacy practices or the content of websites or applications operated by third parties. Your browsing and interaction on any third-party website or service, including those that have a link on our website, are subject to that third party’s own rules and policies.
We are not responsible for and we do not control any third parties that you authorize to access your Website Content. If you are using a third-party website or service and you allow such a third-party access to your Website Content, you do so at your own risk.
BASICALLY...
We sometimes link to third-party websites and services. Your use of those sites and services is governed by their respective policies, not ours. So be careful out there, folks.
4. Public forums
Our Platform offers publicly accessible blogs and community forums. If you elect to post something in a public area of our Platform, any Personal Information or content that you voluntarily disclose for posting to the Platform, becomes available to the public, as controlled by any applicable privacy settings. If you remove information that you posted to the Platform, copies may remain viewable in cached and archived pages of the Platform, or if other users have copied or saved that information.
To request removal of your Personal Information from our blog or community forum, contact us at contact@webflow.com. In some cases, we may not be able to remove all your Personal Information.
BASICALLY...
Our blogs and community forums are accessible to the public, so any information provided in these areas, including your personal information, may be read, collected, and used by the public. If you need personal info removed, you can emails us at contact@webflow.com and we’ll remove it, if possible.
5. Customer testimonials / comments / reviews
From time to time, we post Customer testimonials on the Sites which may contain Personal Information. We will always obtain your consent prior to posting any Personal Information included in your testimonial(s).
6. Protection of information
Webflow is committed to ensuring the security of your Personal Information. We use commercially reasonable technological, physical, and administrative security safeguards, such as firewalls and carefully developed security features, to protect the confidentiality and security of your Personal Information on the Platforms. When you enter confidential information (such as login credentials or information submitted from within the Platform) we encrypt the transmission of that information using secure socket layer technology (SSL). These technologies, procedures, and other measures are used in an effort to ensure that your data is safe, secure, and only available to you and to those you authorized to access your data. However, no internet, email, or other electronic transmission is ever fully secure or error-free, so you should take care in deciding what information you send to us in this way. Webflow is not responsible for the functionality or security measures of any third party.
BASICALLY...
The security of your information is extremely important to us. We take many steps to ensure your personal information is safe by using commercially reasonable technology and security safeguards. We are not responsible for the security measures of any third party.
7. Hosting and data transfer
As Webflow is based in the United States, we may host, transfer, and process your Personal Information in the United States or countries other than the United States. Webflow uses a variety of safeguards, including contractual and technical measures, to protect the Personal Information and data we transfer. Webflow will ensure that any of our service providers, processors, or third parties will undergo an adequate privacy vet prior to providing them your Personal Information.
If you are located in the United Kingdom (“UK”), European Union (“EU”), European Economic Area (“EEA”) or Switzerland, please see Webflow’s EU & Swiss Privacy Policy. Webflow is certified under the EU-U.S. and Swiss-U.S. Data Privacy Framework as well as the UK Extension to the EU-U.S. Data Privacy Framework. Webflow is committed to complying with the Data Privacy Framework’s Principles. If you would like to submit a dispute under the Data Privacy Framework you may do so by following the instructions found here.
BASICALLY...
We’re based in the United States, but we may host, transfer, or process data in other countries through third parties that manage our service. By using our service, you are agreeing to this use of data in other countries, which may have different privacy laws. If you’re in the United Kingdom (UK), European Union (EU), European Economic Area (EEA) or Switzerland, check out EU & Swiss Privacy Policy.
TL;DR: We offer Standard Contractual Clauses for the protection of personal data that customers export to us from the UK or EEA.
8. Choice
We process and store information on behalf of our customers. You may decline to submit any Personal Information through the Platform; in which case we may not be able to provide certain services to you.
If you are a Webflow customer and would like to opt out of marketing communications from Webflow, please go to https://webflow.com/dashboard/unsubscribe.
Please refer to your mobile device or browser’s technical information for instructions on how to delete and disable cookies, and other tracking / recording tools. Note that disabling cookies on your mobile device or browser may prevent us or our business partners from tracking your browser’s activities in relation to the Platform. However, doing so may disable many of the features available through the Platform. You may opt-out individually for third-party vendors on their websites, but limitations on data sharing may make it difficult or impossible to provide the Platform after an opt-out. You may also opt out of interest-based advertising provided by participating ad servers through the Digital Advertising Alliance (http://optout.aboutads.info/), the Network Advertising Initiative (http://optout.networkadvertising.org/?c=1), or the European Interactive Digital Advertising Alliance (http://www.youronlinechoices.eu).
California consumers may use the Digital Advertising Alliance’s tool to send requests under the California Consumer Privacy Act (“CCPA”) for a web browser to opt out of the sale of Personal Information by some or all of that framework’s participating companies by accessing the DAA’s tool here: https://www.privacyrights.info/, or by downloading the DAA’s AppChoices mobile application opt-out here: https://youradchoices.com/appchoices.
The AppChoices app is not limited to opt-outs for CCPA purposes and may be used by anyone to limit the collection of cross-app data for interest-based advertising purposes by participating DAA member companies.
BASICALLY...
You can decline to give us certain personal information, though that may impact some of our services (more on that in our Cookie Policy). You can also opt out of receiving marketing information from Webflow.
9. Correcting and updating your information
Customers may update, delete, or change your Personal Information you have provided Webflow by logging in to the Platform and providing such additional information or deleting such information where applicable. If you are not a Customer and would like to gain access to, or request deletion of, information we have collected, please contact us at contact@webflow.com. We will provide a response in accordance with applicable. For the avoidance of doubt, Webflow has no direct relationship with your End Users Any such End Users seeking access to, or who would like to correct, amend, or delete data which may be stored on the Platform should direct their request to you, the Customer. If Webflow receives a request from your End User we will inform you in a commercially reasonable amount of time.
BASICALLY...
You can always access and manage your personal information through your Webflow account, or by emailing us at contact@webflow.com.
10. Data retention
Webflow will retain Personal Information we process on your behalf for as long as necessary to provide the Platform to you, subject to our compliance with this Policy, or as required or permitted under applicable law. We may further retain and processPersonal Information as necessary to comply with our legal obligations; maintain accurate accounting, financial, and other operational records; resolve disputes; and enforce our agreements. We have established internal policies for the deletion of Personal Information following the termination of your Account.
BASICALLY...
We keep your personal information until we no longer need it to provide you with the service. We may also keep your personal information if required by law or to keep our internal records accurate. Once you terminate your account, we’ll delete your personal information, unless we're required by law to retain it.
11. Children's Personal Information
Webflow does not knowingly collect any Personal Information from children under the digital age of consent (13 in the United States, 16 in the EU). If you are under the age of 13 (or the applicable digital age of consent), please do not submit any Personal Information through our Platform. We encourage parents and legal guardians to monitor their children’s internet usage and to help enforce our Policy by instructing their children never to provide Personal Information on our Platform. If you have reason to believe that a child under the age of 13 (or the applicable digital age of consent) has provided Personal Information to Webflow through our Platform, please contact us, and we will delete that Personal Information from our databases without delay.
BASICALLY...
You must be at least 13 years old to use Webflow.
12. Your California privacy rights
This section applies only to California residents. Pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), below is a summary of the Personal Information categories, as identified and defined by the CCPA (see California Civil Code section 1798.140 (o)), that we collect, the reason we collect your Personal Information, where we obtain the Personal Information, and the third parties with whom we may share your Personal Information.
We generally collect the following categories of Personal Information about you when you use our Site or services:
- identifiers such as a name, address, unique personal identifier, email, phone number, your device’s IP address, software, and identification numbers associated with your devices;
- protected classifications, such as gender;
- commercial information such as records of products or services purchased, obtained, or considered by you;
- Internet or other electronic information regarding your browsing history, the webpage visited before you came to our Sites, length of visit and number of page views, click-stream data, locale preferences, your mobile carrier, date and time stamps associated with transactions, and system configuration information;
- audio recordings of your voice to the extent you call us, as permitted under applicable law;
- professional or employment-related information.
We generally do not collect education-related or biometric information, geolocation information, or inferences about your preferences, characteristics, behavior and attitudes. For more information about the Personal Information we collect and how we collect it, please refer to Sections 1 and 2, above.
We collect your Personal Information for the business purposes described in Section 2, above. The CCPA defines a “business purpose” as the use of Personal Information for the business’s operational purposes, or other notified purposes, provided the use of Personal Information is reasonably necessary and proportionate to achieve the operational purpose for which the Personal Information was collected or another operational purpose that is compatible with the context in which the Personal Information was collected.
The categories of third parties with whom we may share your Personal Information are listed in Section 2, above.
BASICALLY...
If you're a resident of California, you can ask us to send you a list of the types of personal information we share with our affiliates and third parties for marketing purposes.
13. U.S. State Privacy Rights
Residents of certain U.S. states, including but not limited to California, Colorado, Connecticut, Virginia, and Utah, may have additional rights in relation to their Personal Information. However, these rights may be subject to certain exceptions. For instance, we may be unable to disclose specific pieces of Personal Information if the disclosure would create a substantial, articulable, and unreasonable risk to the security of Personal Information, your Account with us, or the security of our network systems. Your rights may include:
- Right Against Discrimination - You have the right not to be discriminated against for exercising any of the rights described in this section. We will not discriminate against you for exercising your right to know, delete or opt-out of sales.
- Right to Know - You have the right to request in writing: (i) a list of the categories of personal information, such as name, address, email address, that a business has disclosed to third parties during the immediately preceding calendar year for the third parties' direct marketing purposes, and (ii) the names and addresses of all such third parties. In addition, you have the right to request: (i) the categories of personal information we have collected about you, (ii) the categories of sources from which personal information is collected, (iii) the business or commercial purpose for the information collection, (iv) the categories of third parties with whom we have shared personal information, and (v) the specific pieces of personal information we hold about an individual. You have the right to request a copy of the specific Personal Information we collected about you during the 12 months before your request.
- Right to Delete - You have the right to request us to delete any Personal Information we have collected from you or maintain about you, subject to certain exceptions.
To assert your right to know or your right to delete your Personal Information, please contact us according to the “Contact Us” section below. To verify your identity, we may ask you to verify Personal Information we already have on file for you. If we cannot verify your identity from the information we have on file, we may request additional information from you, which we will only use to verify your identity, and for security or fraud-prevention purposes.
Right to Opt-Out of Selling. As described in this Privacy Policy, in certain situations we may share your Personal Information with certain third parties for our marketing or other purposes. To the extent such sharing is considered a “sale” under the CCPA, as a California resident you have the right to opt-out of such sharing. If you would like us to no longer share your Personal Information in this way, you can opt-out by visiting the following web page: Do Not Sell My Info. If you opt-out, we may be unable to offer you some of our Platforms which require sharing of Personal Information.
California consumers may also use the Digital Advertising Alliance’s tool to send requests under the California Consumer Privacy Act (“CCPA”) for a web browser to opt out of the sale of personal information by some or all of that framework’s participating companies by accessing the DAA’s tool here: https://www.privacyrights.info/, or by downloading the DAA’s AppChoices mobile application opt-out here: https://www.privacyrights.info/appchoices.
The AppChoices app is not limited to opt-outs for CCPA purposes and may be used by anyone to limit the collection of cross-app data for interest-based advertising purposes by participating DAA member companies.
In addition, under California Civil Code Sections 1798.83–1798.84, California residents are entitled to ask us for a notice identifying the categories of Personal Information which we share with our affiliates and/or third parties for marketing purposes, and providing contact information for such affiliates and/or third parties.
If you are a California resident and would like a copy of this notice, please submit a written request to: privacy@webflow.com or Webflow Inc., 398 11th Street, San Francisco, CA 94103.
BASICALLY...
If you're a resident of certain U.S. states you may have additional privacy rights.
14. Changes to the Privacy Policy
We reserve the right to modify, update, or change this Policy from time to time in the usual course of business, so we encourage you to review this page periodically. Notwithstanding, when we change this Policy in a material manner, we will update the effective date at the top of this page and provide you with reasonable advance notice before the updates to this Policy become effective. Webflow may provide such notifications to you via email notice, written or hard copy notice, and/or through posting of such notice on the Platform. We reserve the right to determine the form and means of providing notifications to you. You may be required to click-to-accept or otherwise agree to the updated Policy, but in any event your continued use or access of the Platform after the effective date of the updated Policy shall constitute your agreement to the updated Policy. The Policy will be effective as of the date specified in the effective date at the top of this page, and will apply to your use of the Platform from that point forward. If we update this Policy in a non-material manner after the effective date, we will update the last modified date at the top of this page. If you choose not to agree to this Policy or any future updated Policy, you may not use or access (and must discontinue any use or access to) the Platform. Webflow is not responsible for any automatic filtering you or your network provider may apply to email notifications we send to the email address you provide us.
BASICALLY...
We may change our privacy policy from time to time. If we make any major changes, we’ll let you know by email or by a prominent notice on our site(s). As mentioned above, your continued use of the Platform means you agree to be bound by this privacy policy, so be sure to check it occasionally.
If we realize we forgot a punctuation mark somewhere or we need to make an immaterial change to some wording, we will update the Last Modified Date, so you can see the last time we touched the terms in any way. E.g. we will update the Last Modified date but will spare your inbox if our lawyers decide that they now prefer the word "regardless" over "notwithstanding."
15. Business transactions
Webflow may assign or transfer this Policy, and your user account and related Personal Information, to any person or entity that acquires all or substantially all of the business, stock or assets of, or is merged with Webflow. We may also transfer or assign such information in the course of corporate divestitures, mergers, acquisitions, bankruptcies, dissolutions, or similar transactions or proceedings, provided that the recipient of such information will continue to be bound by the terms of this Privacy Policy.
16. Contact us
If you have questions regarding this Policy or about the privacy practices of Webflow, please contact us by email at privacy@webflow.com, or at:
Webflow, Inc.
398 11th Street, 2nd Floor
San Francisco, CA 94103