The fine print, made plain.

1.1 Who we are

DWebDesign is an AI-augmented design and development studio operated as a sole proprietorship in Israel. Throughout this document, "DWebDesign", "we", "us", or "our" refers to the studio. "Client", "you", or "your" refers to the individual or entity purchasing services.

1.2 Acceptance

You accept these Terms when you do any of the following: (i) place an order through our website; (ii) pay a deposit, retainer, or full project fee; (iii) sign a Statement of Work, Master Service Agreement, or Order Form; or (iv) instruct us in writing to begin work. If you accept on behalf of a company, you represent that you have authority to bind that entity.

1.3 Scope of services

We provide website design, development, and related digital services as described on our pricing pages and in any project-specific Statement of Work. Each engagement falls into one of three product tiers:

• Quick-launch builds ($499 – $3,490): Express LP, Starter Site, Shopify Express. Fixed scope, fixed price, fixed timeline.
• Custom builds ($1,990 – $14,990): Pro Business, Pro+AI, Shopify+AI, Agency, E-commerce Pro, Enterprise. Quote-configured scope with documented deliverables.
• Premium / Studio-tier (custom pricing, scope-based): Pro Business Premium, MONOLITH-tier showcases, and similar. Bespoke design system, animations, custom interactions.

Any service not explicitly listed in your accepted Order or Statement of Work is out of scope and will be billed separately under our change-order process (see § 1.6).

1.4 Pricing & payment

• Prices are in USD unless otherwise stated. VAT may apply for Israeli clients.
• Standard payment structure (50/50 milestone):
  • Phase 1 — Project Start: 50% of the total quoted amount, due before work begins. Covers discovery, design mockups, scope confirmation, brand integration, copy review, and included design revisions per § 1.7.
  • Phase 2 — Final Approval Before Launch: Remaining 50%, due when you have approved the completed project on staging and we are ready to push it live. Covers final build polish, deployment, launch support, and the 30-day post-launch warranty per § 1.10.
• Pay-in-full option: 5% discount available on any tier ($490 floor) when you elect to pay 100% upfront instead of 50/50. Once paid in full, the discount is locked. Project then proceeds without a second payment milestone.
• Payment platforms: Payments are processed through PayPal or Payoneer. We do not accept direct credit card or wire transfer. We never store your card details — the payment processor handles all transaction data.
• Terms acceptance: Before Phase 1 payment is processed, you must accept these Terms via the checkbox on the payment page. Your acceptance is timestamped and recorded.
• Late payment of Phase 2: If Phase 2 payment is not received within 14 days of project approval on staging, the project remains in escrow on our servers and is not pushed live. After 30 days, the project may be archived (recoverable upon Phase 2 payment) or terminated under § 1.12.
• Late payment interest: Outstanding balances accrue interest at 1.5% per month or the maximum rate permitted by Israeli law, whichever is lower.

1.5 Timelines & delivery

Our quoted timelines assume reasonable client responsiveness. Delays caused by late content delivery, late approvals, or scope changes shift the timeline by an equivalent amount. Specifically:

• Client review periods: 5 business days. After 5 business days without feedback, the deliverable is deemed approved.
• Content (text, images, brand assets): due at project kickoff. If not provided within 14 days, we may pause the project and resume billing at our then-current rates.
• Force majeure (illness, war, infrastructure outage, third-party platform issues): reasonable extensions granted, no penalties either way.

1.6 Change orders & scope creep

Any request beyond the documented scope — new pages, new features, design overhauls after approval, additional revisions beyond the included quota — triggers a Change Order. We will quote the additional cost and timeline impact in writing. Work on the change does not begin until you approve the Change Order.

1.7 Revisions

Each project includes a defined number of revision rounds, listed in your Statement of Work. Typical inclusions:

Additional rounds beyond the included quota are billed at $95/hour.

1.8 Intellectual property

Upon receipt of full payment, we assign to you all rights in the final delivered website (custom code, custom designs created specifically for your project, content we wrote for you). You will own and may use, modify, and license that final product without restriction.

The following are not assigned and remain our property or remain governed by their original licenses:

• Reusable code libraries, frameworks, and components we built before your project or use across multiple clients;
• Third-party assets (stock photos, fonts, plugins, themes) that retain their original licenses;
• AI-generated content where copyright cannot legally vest under U.S. or Israeli law (see § 6);
• Our methodologies, processes, templates, and know-how.

You grant us a non-exclusive license to display the completed work in our portfolio, case studies, and marketing materials unless you have a confidentiality clause that prohibits this.

1.9 Client warranties

You warrant that any content you provide to us — logos, photos, copy, brand materials, customer data — is either owned by you or properly licensed for the use you're requesting. You agree to indemnify and hold us harmless from claims arising from infringement of third-party rights in client-provided content.

1.10 Our warranty & disclaimers

We warrant that for 30 days after launch, we will fix at no charge any bugs in code we wrote that prevent the site from functioning as specified in the Statement of Work. Outside that window, fixes are billable per § 1.7 or under a maintenance retainer.

Complimentary maintenance bonus: For builds with a final total of $1,500 or more, we include 30 days of complimentary monthly maintenance ($200–$500 value) following launch. This covers CMS updates, security patches, backups, and uptime monitoring. The bonus is purely a goodwill add-on; it does not extend the bug-fix warranty or create a continuing obligation. After 30 days, you may continue at our standard monthly maintenance rate or cancel with no further obligation.

We do not warrant that the site will (i) generate any specific level of traffic, leads, or revenue; (ii) achieve any particular search-engine ranking; (iii) remain bug-free as third-party services (hosting, plugins, browsers, AI APIs) evolve; or (iv) be free of vulnerabilities discovered after launch. Cybersecurity is an arms race; we follow best practices but make no perfection guarantee.

EXCEPT AS EXPRESSLY STATED, ALL SERVICES ARE PROVIDED "AS IS" AND "AS AVAILABLE". WE DISCLAIM ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

1.11 Limitation of liability

Our total cumulative liability arising from or related to a project — whether in contract, tort, statutory, or any other theory — is capped at the total amount actually paid by you to us for that specific project in the twelve months preceding the claim. We are not liable for indirect, incidental, consequential, special, exemplary, or punitive damages, including lost profits, lost data, or business interruption, even if we were advised of the possibility.

This cap does not apply to: (i) liability that cannot lawfully be limited under Israeli law (e.g., gross negligence, intentional misconduct, personal injury caused by us); (ii) your indemnity obligations under § 1.9; or (iii) breaches of confidentiality where the cap is replaced by a super-cap of three times the project fee.

1.12 Termination

Either party may terminate a project for material breach if the breach is not cured within 14 days of written notice. On termination:

• You pay for all work performed through the termination date plus any non-cancelable third-party costs already incurred on your behalf.
• We deliver work-in-progress files in their current state.
• Phase 1 payment is not refunded once work has begun, as it covers discovery, design, and revisions performed (see § 4.2 for the refund matrix).
• Phase 2 payment, if not yet collected, is not owed if termination occurs before final approval.
• Rights in work-in-progress assets transfer only upon full payment of all amounts due per § 1.8.

1.13 Confidentiality

Each party agrees to keep confidential any non-public information it learns about the other party in the course of the engagement, for a period of 3 years after the project ends. This survives termination.

1.14 Governing law & dispute resolution

These Terms are governed by the laws of the State of Israel without regard to conflict-of-law principles. Disputes shall first be addressed via good-faith negotiation. If unresolved within 30 days, exclusive jurisdiction lies with the competent courts in Tel Aviv-Yafo District, Israel. For clients who are EU consumers, you retain any rights you have under your local mandatory consumer protection laws.

1.15 Changes to these Terms

We may update these Terms from time to time. The "Last updated" date at the top of this section reflects the current version. For material changes, we'll notify active clients via email at least 14 days before they take effect. Continued use of services after the effective date constitutes acceptance.

1.16 Miscellaneous

• Entire agreement. These Terms, together with any signed Statement of Work, MSA, or Order Form, constitute the entire agreement and supersede all prior discussions.
• No waiver. Failure to enforce any provision is not a waiver of future enforcement.
• Severability. If any provision is held unenforceable, the remainder stays in effect.
• Assignment. You may not assign these Terms without our written consent. We may assign in connection with a sale or restructuring of our business.
• Notices. Email to legal@dwebdesign.com is sufficient for any notice required hereunder.

2.1 Who is the data controller

DWebDesign is the data controller for personal data collected through our website (dwebdesign.com) and during client engagements. For data you upload to platforms we manage on your behalf (your own customers' data on your site), you are the controller and we are the processor — see § 8 (DPA).

Contact for privacy matters: privacy@dwebdesign.com

2.2 What we collect

Account & contact data

Name, email address, phone number, company name, country, language preference. Source: forms you submit on our site.

Project data

Brief content, brand assets, references, content drafts you provide. Source: your uploads during intake.

Payment data

Transaction amount and payment confirmation IDs — routed through our payment processors (PayPal and Payoneer). We do not handle or store card numbers, CVVs, or bank credentials at any time.

Technical data

IP address, browser type, device type, pages visited, referring URL, timestamps. Collected via our analytics provider (privacy-respecting analytics, no cross-site tracking).

Communications

Emails, chat messages, project-management board comments. Retained for project records and client support.

2.3 Why we collect (lawful bases under GDPR & Israeli PPL)

2.4 How long we keep your data

• Active client records: for the duration of our engagement plus 7 years after completion (Israeli tax law requirement).
• Inquiry-only contacts (no purchase): 24 months from last interaction.
• Marketing list: until you unsubscribe.
• Site analytics: 14 months for aggregated data, then auto-deleted.

2.5 Who we share with

We share data only with sub-processors who help us run the business, under written agreements that match our privacy commitments:

We do not sell, rent, or trade personal data. We disclose data to authorities only when required by law (court order, lawful request) and will notify you unless legally prohibited.

2.6 International transfers

DWebDesign is based in Israel, which has been recognized by the European Commission as providing an adequate level of data protection (Decision 2011/61/EU, reaffirmed January 2024). Personal data transferred from the EEA to Israel does not require additional safeguards.

Where sub-processors are outside Israel and the EEA, we rely on EU-approved Standard Contractual Clauses (SCCs) or the EU–US Data Privacy Framework, as applicable.

2.7 Your rights

Under Israeli Privacy Protection Law (as amended by Amendment 13, effective August 14, 2025) and the EU GDPR, you have the right to:

• Access the personal data we hold about you;
• Rectify inaccurate or outdated data;
• Delete your data, subject to our legal retention obligations;
• Object to processing based on legitimate interests;
• Withdraw consent at any time (without affecting prior lawful processing);
• Receive your data in a portable, machine-readable format;
• Lodge a complaint with the Israeli Privacy Protection Authority (PPA) or your local EU data protection authority.

Send requests to privacy@dwebdesign.com. We respond within 30 days. We may verify your identity before fulfilling certain requests.

2.8 Security

We follow the security requirements of the Israeli Privacy Protection (Data Security) Regulations 5777-2017 and equivalent GDPR Article 32 standards: encrypted backups, access controls, password discipline, software updates, periodic risk review. No internet-connected system is 100% secure; in the unlikely event of a data breach affecting your personal data, we will notify the PPA and affected individuals as required by law.

2.9 Children

Our services are intended for businesses and adults. We do not knowingly collect data from children under 16. If you believe we have collected such data, contact us and we will delete it.

2.10 Changes

If we make material changes to this policy, we'll update the date above and notify clients with active accounts via email. Continued use after the effective date means acceptance.

3.1 What are cookies

Cookies are small text files stored in your browser when you visit a website. They help the site remember your preferences, keep you logged in, measure how the site is used, and (in some cases) deliver relevant ads. Similar technologies include local storage, session storage, pixels, and SDKs — we treat them all under the same rules.

3.2 Categories we use

3.3 Managing your choices

• Consent banner: Appears on first visit. Choose "Accept all", "Reject non-essential", or "Customize".
• Change later: Click "Cookie preferences" in the footer at any time.
• Browser controls: Most browsers let you block or delete cookies in settings. Doing so may break functional features (preferences won't persist, you'll be logged out, etc.).
• Do Not Track / Global Privacy Control: We honor GPC signals from your browser as a valid opt-out for analytics and marketing categories.

3.4 Israeli PPL compliance

Under Amendment 13 to the Israeli Privacy Protection Law, consent for non-essential cookies must be specific, informed, and freely given. We collect consent before any non-essential cookie loads. Records of consent are retained for 24 months.

4.1 Right of cancellation under Israeli Consumer Protection Law

Pursuant to the Israeli Consumer Protection Law 5741-1981 and the Cancellation of Transactions Regulations 5771-2010, consumers in Israel may cancel a remote-sale transaction within 14 days from the later of (a) the date of the transaction, or (b) the date you received the documents required by the law.

For consumers who are persons with disabilities, senior citizens (65+), or new immigrants, where the purchase included a conversation with a representative, the cancellation window is extended to 4 months.

Cancellation fees: 5% of the transaction value or ₪100, whichever is lower.

4.2 What is and isn't refundable

Refundability maps directly to the project phase you're in. Each phase corresponds to specific work performed and paid for.

The plain-English version: Your Phase 1 payment buys discovery, design, and revisions. Once we've started that work, the payment is not refunded — you've consumed the work. Your Phase 2 payment buys build polish and launch. It's only due when you've approved the project, and if you stop the project before approval, the second 50% is never owed. After launch, everything is final except the 30-day bug warranty.

4.3 The "custom-built" exemption

Under Section 14C(d)(2) of the Israeli Consumer Protection Law, transactions for goods or services made specifically to the consumer's specifications are exempted from the statutory right of cancellation once production has begun. Because every DWebDesign project is custom-built per the client's brief (custom design, custom copy, custom configuration), the exemption applies once we move past the discovery-only stage of Phase 1.

This is consistent with longstanding Israeli case law and PPA enforcement guidance (Policy 11.06.2018).

4.4 How to cancel

• Send a written notice to dwebstudiodesign@gmail.com with your name, project ID, and reason.
• We confirm receipt within 2 business days and process the refund (where due) within 14 days to the original payment method (PayPal or Payoneer).
• Refunds are issued in the original transaction currency. Currency-conversion losses, if any, are not reimbursed.

4.5 EU consumers

If you are a consumer resident in the EU, you have a 14-day "right of withdrawal" under EU Directive 2011/83/EU. Note that the same custom-build exemption (Article 16(c) of the Directive) applies once we begin design work to your specifications — this aligns with Israeli law.

4.6 Pro Business Premium launch sale

Pro Business Premium and other Premium-tier builds are quoted on a scope-by-scope basis. Quotes are valid for 14 days from issue; after that, current rate cards apply. Cancellation and refund rules above apply equally regardless of quoted amount.

4.7 Pay-in-full 5% discount

The 5% pay-in-full discount applies when you elect to pay 100% of the project total upfront (no 50/50 milestone split). The discount is locked at the moment of full payment. If you cancel a project paid in full before discovery begins, the full amount is refundable (minus the 5% / ₪100 Israeli statutory fee for Israeli consumers). Once discovery begins, the same custom-build exemption applies to the full payment.

5.1 Prohibited content & uses

We will not design, develop, or host sites that:

• Promote, distribute, or facilitate illegal activity under Israeli, EU, or U.S. law (drug trafficking, weapons trafficking, money laundering, terrorism financing, sanctions evasion, etc.);
• Distribute or host child sexual abuse material (CSAM) of any kind, in any form — we report such content to authorities and the Internet Watch Foundation;
• Promote discrimination, hatred, or violence against people based on race, ethnicity, religion, gender, sexual orientation, disability, or other protected characteristics under Israeli or EU law;
• Facilitate intentional deception — phishing sites, fake-product scams, fraudulent fundraising, cloned brand sites;
• Distribute malware, ransomware, spyware, or surveillance tools intended to harm users without consent;
• Engage in copyright or trademark infringement — including pirate streaming, counterfeit goods, unauthorized brand impersonation;
• Operate as a platform for unsolicited bulk email (spam) or commercial messaging that violates anti-spam laws (CAN-SPAM, GDPR, Israeli Sec. 30A);
• Host non-consensual intimate imagery (revenge porn, deepfakes of real people without their consent);
• Run unregistered gambling or financial-securities operations in jurisdictions that require licensing.

5.2 Conditional categories — require additional review

We may take projects in these categories with extra contractual safeguards (additional indemnification, content review, age-verification requirements, etc.):

• Adult content (legal, consensual, age-gated only);
• Cannabis & CBD products (where legal in target market);
• Firearms & weapons (legal sellers only);
• Crypto & Web3 projects (with regulatory compliance documentation);
• Gambling & gaming-of-chance (licensed operators only);
• Health, medical, and supplement claims (FDA / EMA / Israeli Health Ministry compliance required).

5.3 Consequences of violation

If we discover during or after a project that the site is being used for prohibited purposes, we may:

• Suspend or terminate the engagement immediately, with no refund of fees paid;
• Withhold delivery of work-in-progress;
• Notify hosting providers, payment processors, and law enforcement as appropriate;
• Pursue damages for reputation harm and legal costs.

6.1 AI in our workflow

DWebDesign uses generative AI tools throughout the design and development process, including (without limitation):

• Code assistance: Claude, GitHub Copilot, Cursor for development acceleration;
• Image generation: Midjourney, Stable Diffusion, DALL·E for placeholder art and explorations;
• Copywriting assistance: Claude, GPT-class models for first drafts and editing;
• Video processing: AI upscaling, watermark removal (only on assets we have rights to), background removal;
• Research: AI-powered search, summarization, competitor analysis.

6.2 Human authorship in every deliverable

Every deliverable we ship reflects substantial human creative decisions: brief interpretation, prompt engineering, output selection, editing, integration, and final approval. This human-authorship layer is what makes the work copyrightable under U.S. and Israeli law (per the U.S. Copyright Office's January 2025 report on AI copyrightability, and Israeli PPA's April 2025 AI Guidelines).

Where AI output appears in your final deliverable, it has been reviewed, edited, and approved by us — you are receiving a human-authored work that uses AI as a tool, not a machine-generated output presented as our own creative work.

6.3 What we warrant about AI use

• We use AI tools subject to their commercial terms of service, with appropriate paid plans where required;
• We do not knowingly use AI outputs that infringe third-party copyrights or trademarks;
• We document our prompt history and edit decisions for any deliverable on request, for clients who require provenance records (financial, legal, government clients);
• We do not feed your confidential business information or customer data into AI tools without contractual protections (enterprise plans with data-isolation, no-training clauses).

6.4 What we don't warrant

AI is a probabilistic technology. We cannot guarantee:

• That AI tools will never produce output that resembles existing protected works (the "training data attribution" problem);
• That AI providers will not change their terms, pricing, or availability;
• That the U.S. Copyright Office or other registries will register works that include any AI elements (their position has been evolving since 2023);
• That courts in any jurisdiction will rule a particular work copyrightable.

6.5 Indemnification carve-out for AI infringement

The IP indemnification we provide under the MSA (§ 7) excludes claims arising from AI-generated portions of deliverables where (i) our AI providers' terms disclaim infringement liability, and (ii) our prompt history shows reasonable diligence to avoid known protected works. In such cases, we will assist your defense at our hourly rates.

6.6 Client disclosure requirements

If your industry or client requires disclosure of AI use (regulated industries, government contracts, certain agency procurement frameworks), tell us at kickoff. We'll add a written AI Use Statement to your project documentation describing tools, prompts, and human-edit decisions.

7.1 Structure

The MSA is a 2-tier framework:

• MSA (signed once per client): IP, confidentiality, indemnification, limitation of liability, governing law, dispute resolution.
• SOW (signed once per project): scope, deliverables, milestones, fees, timeline, payment schedule, named team members, change-order process.

7.2 Key MSA provisions

IP assignment on payment

All custom deliverables transfer to client upon receipt of full payment. We retain rights in pre-existing materials and reusable libraries.

Mutual confidentiality (3 years post-termination)

Each party protects the other's non-public information.

IP indemnification (we defend you)

We defend & indemnify you against third-party claims that our deliverables infringe IP rights, with carve-outs for client-provided content (§ 1.9), AI-generated portions (§ 6.5), and modifications you make after delivery.

Mutual limitation of liability (caps at fees paid)

Cumulative liability capped at fees paid in the 12 months preceding the claim. Carve-outs for confidentiality breach (3x cap), gross negligence, intentional misconduct.

Termination for convenience (with 30-day notice)

Either party may terminate with 30 days written notice. Client pays for completed milestones; we deliver work-in-progress.

Dispute resolution

Good-faith negotiation → mediation in Tel Aviv → courts of Tel Aviv-Yafo District. EU consumers retain mandatory local protections.

Insurance

We maintain professional liability (E&O) insurance appropriate to our business size. Certificate available on request for projects above $5,000.

7.3 SOW structure

Each SOW includes: project name, scope statement (what's in / out), deliverable list, milestone schedule, named acceptance criteria, fee total, payment schedule, change-order rate, your designated approver, and any project-specific terms (special IP arrangements, confidentiality variants, accessibility levels, etc.).

7.4 Getting the MSA

For projects requiring an MSA, contact us at legal@dwebdesign.com after your initial proposal. We typically deliver a draft within 2 business days. We accept reasonable client redlines and will note where our position is firm.

8.1 When you need a DPA

You need a DPA from us if:

• We process personal data of your customers, employees, or end-users on your behalf (e.g., we host your contact form submissions, manage your CRM, run your e-commerce backend);
• You're an EU/UK controller subject to GDPR § 28 (which mandates a DPA with every processor);
• You're a regulated business (finance, health, government) with vendor-DPA requirements;
• Your customers include EU residents whose data we'll touch.

You don't need a DPA if we're just building your site and you'll operate it yourself afterward (no ongoing data processing by us).

8.2 What the DPA covers

Roles

You are the data controller. DWebDesign is the data processor. We act only on your documented instructions.

Data categories & subjects

Documented per-engagement: typically end-user emails, names, order data, browsing data, depending on your business.

Sub-processors

Listed in the appendix (matches § 2.5 above). Adding new sub-processors triggers 14-day notice and your right to object.

Security measures

Technical and organizational measures per GDPR Article 32 and Israeli Privacy Protection (Data Security) Regulations 5777-2017: encryption in transit and at rest, access controls, logging, incident response.

Data subject rights

We assist you in responding to access, correction, deletion, and portability requests within reasonable timeframes.

Breach notification

We notify you of any personal-data breach affecting your data within 48 hours of discovery, with details required to enable your own regulatory notifications.

International transfers

Standard Contractual Clauses (SCCs) attached as appendix where required. Israel adequacy makes EU-to-Israel transfers straightforward; further transfers to U.S. sub-processors rely on the EU–US Data Privacy Framework.

Termination & data return

On termination, we return or delete your data within 30 days, except where Israeli or EU law requires retention.

Audit rights

Annual remote audit (questionnaire-based) at no cost. On-site audits available at your expense, with reasonable notice.

8.3 Getting the DPA

Email legal@dwebdesign.com with subject "DPA Request — [your company]". We'll send a pre-filled DPA based on the project scope within 3 business days. We accept your standard DPA template too, subject to legal review and reasonable adjustments.