Privacy Policy
for Sellencer GmbH
Effective Date: 11 March 2024
Introduction
Welcome to Sellencer GmbH (“Sellencer,” “we,” “us,” or “our”). This Privacy Policy describes how we collect, use, and disclose information in connection with your use of our website and platform (“Services”). We are committed to protecting the privacy and security of your information and complying with the General Data Protection Regulation (GDPR) and other applicable data privacy laws. We prioritize transparency and want to empower you with a clear understanding of your data rights.
Information Collected
We collect information from you in a variety of ways when you use our Services, categorized as personal data and non-personal data under GDPR.
Personal Data (Requires Legal Basis for Processing):
- Contact Information: Name, email address, phone number (collected during account creation, support requests, and communication).
- Store Details (Shopify Store Owners):
- Store URL (public information)
- Product data (excluding pricing and customer details)
- Order data (excluding customer names, addresses, and any other Personally Identifiable Information (PII) of your customers)
- Influencer Profile Information (if applicable): Public social media data (username, follower count, bio information)
- Usage Data (if pseudonymised and used to identify an individual): Pages viewed, features used, search queries (collected to improve our platform and personalize your experience).
- Device Information: IP address, device type, operating system (collected for security purposes and platform optimization).
Non-Personal Data:
- Information collected through cookies and similar technologies (refer to our Cookie Policy for details).
We strive to minimize the collection of personal data and only process it when necessary to fulfill our contractual obligations, deliver our Services, or pursue our legitimate interests, always ensuring a balance that respects your privacy rights.
Legal Basis for Processing
We process your personal data only when we have a lawful basis to do so under the GDPR. The legal basis for our processing may include:
- Contract: To fulfill our contractual obligations with you, such as providing access to the Sellencer platform, facilitating influencer marketing campaigns, and offering customer support.
- Consent: For certain purposes, such as sending marketing communications or analyzing your usage data to personalize your experience, we will only process your data with your explicit consent. You can withdraw your consent at any time by contacting us or using the opt-out mechanisms provided within the Services.
- Legitimate Interests: We may process your personal data for our legitimate interests, such as improving our Services, preventing fraud, and ensuring the security of our platform. However, we will only do so if your interests and rights do not override our legitimate interests.
We will always inform you of the legal basis for processing your personal data when we collect it.
Your Data Subject Rights under GDPR
Under the GDPR, you have certain rights regarding your personal data:
- Right to Access: You have the right to request a copy of the personal data we hold about you, free of charge, within one month of your request.
- Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you. We will respond to your request within one month.
- Right to Erasure (Right to be Forgotten): You have the right to request that we erase your personal data, subject to certain exceptions, such as legal obligations to retain data. We will respond to your request within one month.
- Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data, for example, if you contest the accuracy of the data or object to its processing.
- Right to Data Portability: You have the right to request that we transfer your personal data to another controller in a structured, commonly used, and machine-readable format.
- Right to Object: You have the right to object to the processing of your personal data for certain purposes, such as direct marketing. We will stop processing your data for that purpose unless there are compelling legitimate grounds to continue.
You can exercise these rights by contacting our Data Protection Officer (DPO) using the information below.
Data Retention Period
We will retain your personal data for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. For example, we may need to retain certain data for tax or legal purposes. We will then take steps to securely delete or anonymize your information.
Security Measures
These measures include:
Data Security:
- Encryption: We use Bcrypt hashing and other encryption techniques to protect sensitive personal data, such as passwords, while it is stored in our databases.
- Secure Data Transmission: We use secure data transmission protocols (HTTPS and TLS v1.2 at minimum) to encrypt data in transit between your device and our servers.
- Access Controls: We implement strict access controls within our organization to limit access to your personal data to authorized personnel only.
- Regular Security Audits: We conduct regular security audits to identify and address any potential vulnerabilities in our systems.
Organizational Measures:
- Data Protection Policy: We have a comprehensive Data Protection Policy that outlines our data security practices and employee training procedures.
- Employee Training: Our employees are regularly trained on data privacy and security best practices.
- Incident Response Plan: We have a documented incident response plan in place to address any data security breaches.
We are committed to continuously improving our security measures to ensure the ongoing protection of your personal data.
International Data Transfers
If we transfer your personal data to countries outside the European Economic Area (EEA), we will ensure that adequate safeguards are in place to protect your data, such as:
- Standard Contractual Clauses: We may use standard contractual clauses approved by the European Commission to ensure that your personal data is protected when transferred to countries outside the EEA.
- Certification Schemes: We may transfer your personal data to countries that have been approved by the European Commission as having an adequate level of data protection.
We will inform you if we intend to transfer your personal data outside the EEA and explain the safeguards that will be put in place.
Children's Privacy
Our Services are not directed to children under 18. We do not knowingly collect information from children under 18. If you are a parent or guardian and believe your child has provided us with personal data, please contact us using the information below. We will take steps to delete the data from our systems.
Cookies and Similar Technologies
We use cookies and similar technologies on our website and platform to collect information about your browsing activity and preferences. For detailed information on how we use cookies and your cookie management options, please refer to our separate Cookie Policy.
Social Media
Sellencer GmbH utilizes social media platforms (e.g., LinkedIn, Facebook, Instagram). We may collect publicly available information from your social media profiles, such as your username, follower count, and bio information, to connect you with influencer marketing opportunities (if applicable). We are jointly responsible with the social media provider for the processing of personal data collected in connection with your visit to our profile or page on the individual social media platform. Please refer to the privacy policies of those respective platforms for more information.
Changes to the Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our data practices or applicable laws. We will notify you of any material changes by posting the new Privacy Policy on our website. You are encouraged to review the Privacy Policy periodically to stay informed about updates.
Contact Information
If you have any questions about this Privacy Policy or your data subject rights, please contact our Data Protection Officer (DPO):
- Email: [email protected]
- Address: Kolonnenstraße 8, 10827 Berlin