Privacy Policy and Data Protection
Last Updated: August 25, 2025
Introduction
Geobuyer ® Limited (referred to as "we," "us," or "our") has developed this website and mobile application, Geobuyer (hereinafter "Application"). This Privacy Policy outlines how we collect, use, share, and protect the personal data of users of our Application and Website in compliance with European Union law, including the General Data Protection Regulation (GDPR), Regulation (EU) 2016/679, and relevant US regulations (California Consumer Privacy Act - CCPA) where applicable.
Categories of Personal Data Collected
We may collect and process the following categories of personal data:
- Contact Information: Name, email address, phone number, and mailing address.
- Financial Data: Payment information, transaction history.
- Location Data: Geolocation information (upon user consent).
- Technical Data: IP address, device type, operating system, browser type, and version.
- Usage Data: Application interaction data, purchase history, preferences, and browsing activity.
- Cookies and Tracking Data: Data on user interactions with the Application through cookies and similar technologies.
- Analytics Data (Firebase Analytics): Information about user interaction with the Application (e.g., session duration, navigation flows, clicks, app launches), device identifiers (Advertising ID, Instance ID), crash reports, and marketing attribution data.
Use of Personal Data
Collected data may be used for the following purposes:
- Providing and improving the Application's functionality and performance
- Customizing user experiences
- Processing and fulfilling user requests and orders
- Analyzing user behavior to enhance our services
- Analytics and Statistics: Measuring Application usage, identifying bugs, evaluating feature effectiveness, and optimizing marketing campaigns using Firebase Analytics.
- Marketing communications (upon user consent)
- Legal compliance and safeguarding our rights and interests
Legal Basis for Processing
- Consent (Article 6(1)(a) GDPR): For specific activities like marketing
- Contract Performance (Article 6(1)(b) GDPR): For fulfilling service agreements with users
- Legal Obligation (Article 6(1)(c) GDPR): Compliance with applicable laws
- Vital Interests (Article 6(1)(d) GDPR): Protecting user or third-party safety
- Legitimate Interests (Article 6(1)(f) GDPR): Conducting marketing research, protecting our interests, and maintaining security
Sharing of Data with Third Parties
- With user consent
- To comply with legal obligations
- With partners and service providers who assist us in delivering our services
- With law enforcement or government authorities as required by law
- With Google LLC (Firebase Analytics), which processes Application usage data on our behalf in order to provide analytics and reporting services. For more details, please see Google Privacy Policy
International Data Transfers
If personal data is transferred outside the European Economic Area (EEA), we ensure adequate protection through European Commission-approved standard contractual clauses or other legally compliant mechanisms.
As Firebase services are operated by Google LLC, data may be transferred and processed in the United States or other jurisdictions. These transfers are safeguarded by standard contractual clauses (SCC) approved by the European Commission.
Data Retention
Data is retained for no longer than necessary for the purposes outlined or as required by law:
- Contact Data: Retained until account deletion or consent withdrawal
- Location Data: Retained only for the duration required to provide related services
- Technical Data: Retained for security and performance purposes for a reasonable period
- Usage Data: Retained for service improvement analysis until user requests deletion
- Firebase Analytics Data: Retained according to default retention settings of Firebase (currently up to 2 months), unless the user requests earlier deletion.
Cookies and Tracking Technologies
We use cookies to enhance user experience. Cookies may be functional, analytical, or essential. Consent is required for non-essential cookies.
- Essential Cookies: Required for basic Application functionality
- Analytical Cookies: Gather data on user interactions to improve our Application
- Mobile SDK Tracking: In addition to cookies, we use third-party SDKs (such as Firebase Analytics) to collect technical and behavioral data in the mobile Application.
User Rights under GDPR and CCPA
- Right to Access: Request a copy of personal data and processing information
- Right to Rectification: Request corrections to inaccurate or incomplete data
- Right to Erasure: Request deletion of personal data under specific circumstances
- Right to Restrict Processing: Limit data processing in certain cases
- Right to Data Portability: Obtain data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interests or marketing
- Right to Withdraw Consent: Withdraw consent at any time
- Right to Opt-Out of Analytics: Users may disable Firebase Analytics collection through Application settings (if available) or by adjusting advertising and privacy settings on their device (such as limiting ad tracking on iOS or Android).
Data Security
We employ modern security measures including encryption, access control, and regular security audits to protect user data against unauthorized access, alteration, or loss.
Data Breach Notification
In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours and affected users without undue delay, as required by GDPR.
External Links and Third-Party Sites
Our Application may contain links to external websites or services. We are not responsible for the privacy practices of these third-party sites.
Marketing Communications and Consent
User consent is required for marketing communications. Consent can be provided through opt-in forms and may be revoked at any time.
Privacy Policy for Children
Our Application is not intended for children under 16. We do not knowingly collect personal data from children without parental or guardian consent.
User Consent
We obtain user consent through registration forms, pop-up notifications, and permission requests. Users can withdraw consent at any time.
Complaint Procedure
If you have concerns about our data processing practices, you may file a complaint with your local data protection authority or contact us directly.
Changes to the Privacy Policy
We may update this Privacy Policy periodically. Changes will be posted with an updated date.
When new third-party services (such as analytics or advertising tools) are integrated, we will update this Privacy Policy accordingly.
Contact Information
For questions, comments, or requests regarding this Privacy Policy, please contact us at [email protected].
