Privacy Policy and Data Protection
Last Updated: December 11, 2025
Introduction
Geobuyer ® Limited (referred to as "we," "us," or "our") has developed this website and mobile application, Geobuyer (hereinafter "Application"). This Privacy Policy outlines how we collect, use, share, and protect the personal data of users of our Application and Website in compliance with European Union law, including the General Data Protection Regulation (GDPR), Regulation (EU) 2016/679, and relevant US regulations (California Consumer Privacy Act - CCPA) where applicable.
Categories of Personal Data Collected
We may collect and process the following categories of personal data:
- Contact Information: Name, email address, phone number, and mailing address.
- Financial Data: Payment information, transaction history.
- Location Data: Geolocation information (upon user consent).
- Technical Data: IP address, device type, operating system, browser type, and version.
- Usage Data: Application interaction data, purchase history, preferences, and browsing activity.
- Cookies and Tracking Data: Data on user interactions with the Application through cookies and similar technologies.
- Analytics Data (Firebase Analytics): Information about user interaction with the Application (e.g., session duration, navigation flows, clicks, app launches), device identifiers (Advertising ID, Instance ID), and marketing attribution data.
- Diagnostics Data (Firebase Crashlytics): Technical information about the Application and the device at the moment of a crash or serious error (such as operating system version, device model, app version, timestamp of the crash, device and memory state, technical logs), as well as an installation identifier generated by Crashlytics (Crashlytics Install ID). These data include crash details (error type and stack trace) and are used solely to detect, analyze and fix errors, improve the stability and performance of the Application. We do not use Crashlytics data to directly identify individual users or to build marketing profiles.
Use of Personal Data
Collected data may be used for the following purposes:
- Providing and improving the Application's functionality and performance
- Customizing user experiences
- Processing and fulfilling user requests and orders
- Analyzing user behavior to enhance our services
- Analytics and Statistics: Measuring Application usage, identifying bugs, evaluating feature effectiveness, and optimizing marketing campaigns using Firebase Analytics.
- Crash diagnostics and app stability: Using Firebase Crashlytics to identify, analyze and fix crashes, bugs and performance issues of the Application in order to ensure its proper functioning and improve stability.
- Marketing communications (upon user consent)
- Legal compliance and safeguarding our rights and interests
Legal Basis for Processing
- Consent (Article 6(1)(a) GDPR): For specific activities like marketing
- Contract Performance (Article 6(1)(b) GDPR): For fulfilling service agreements with users
- Legal Obligation (Article 6(1)(c) GDPR): Compliance with applicable laws
- Vital Interests (Article 6(1)(d) GDPR): Protecting user or third-party safety
- Legitimate Interests (Article 6(1)(f) GDPR): Conducting marketing research, protecting our interests, maintaining and improving the security and stability of the Application (including the use of Firebase Crashlytics for crash diagnostics), and preventing fraud or misuse of our services.
Sharing of Data with Third Parties
- With user consent
- To comply with legal obligations
- With partners and service providers who assist us in delivering our services
- With law enforcement or government authorities as required by law
- With Google LLC (Firebase Analytics and Firebase Crashlytics), which process Application usage, analytics and diagnostics data on our behalf in order to provide analytics, reporting and crash diagnostics services. For more details, please see Google Privacy Policy and Firebase privacy documentation.
International Data Transfers
If personal data is transferred outside the European Economic Area (EEA), we ensure adequate protection through European Commission-approved standard contractual clauses or other legally compliant mechanisms.
As Firebase services (including Firebase Analytics and Firebase Crashlytics) are operated by Google LLC, data may be transferred to and processed in the United States or other jurisdictions. These transfers are safeguarded by standard contractual clauses (SCC) approved by the European Commission or other appropriate safeguards, where applicable.
Data Retention
Data is retained for no longer than necessary for the purposes outlined or as required by law:
- Contact Data: Retained until account deletion or consent withdrawal
- Location Data: Retained only for the duration required to provide related services
- Technical Data: Retained for security and performance purposes for a reasonable period
- Usage Data: Retained for service improvement analysis until user requests deletion
- Firebase Analytics Data: Retained according to default retention settings of Firebase (currently up to 2 months), unless the user requests earlier deletion.
- Firebase Crashlytics Data: Crash reports and related technical diagnostics data are typically retained by Google for up to 90 days, unless we are required by law to retain them longer. We do not retain Firebase Crashlytics data on our own systems longer than necessary to analyze and resolve stability issues.
Cookies and Tracking Technologies
We use cookies to enhance user experience. Cookies may be functional, analytical, or essential. Consent is required for non-essential cookies.
- Essential Cookies: Required for basic Application functionality
- Analytical Cookies: Gather data on user interactions to improve our Application
- Mobile SDK Tracking: In addition to cookies, we use third-party SDKs (such as Firebase Analytics and Firebase Crashlytics) to collect technical, analytical and behavioral data in the mobile Application. Firebase Crashlytics is used specifically for collecting crash and diagnostics data in order to identify and fix errors and improve stability.
-
Firebase Crashlytics: We use Firebase Crashlytics, a service provided by Google LLC, to monitor the stability of the Application and diagnose errors. Crashlytics automatically collects certain technical data when the Application encounters a crash or serious error, including:
- App version and build;
- Operating system version and device model;
- Timestamp of the crash and device state (e.g., memory usage);
- Technical logs and crash details (error type and stack trace);
- A randomly generated installation identifier (Crashlytics Install ID).
This data is used exclusively for detecting, analyzing and fixing crashes and improving the performance and reliability of the Application. We do not use Crashlytics data for marketing or advertising purposes, and we do not attempt to directly identify individual users based on this data.
User Rights under GDPR and CCPA
- Right to Access: Request a copy of personal data and processing information
- Right to Rectification: Request corrections to inaccurate or incomplete data
- Right to Erasure: Request deletion of personal data under specific circumstances
- Right to Restrict Processing: Limit data processing in certain cases
- Right to Data Portability: Obtain data in a structured, machine-readable format
- Right to Object: Object to processing based on legitimate interests or marketing
- Right to Withdraw Consent: Withdraw consent at any time
- Right to Opt-Out of Analytics: Users may disable Firebase Analytics collection through Application settings (if available) or by adjusting advertising and privacy settings on their device (such as limiting ad tracking on iOS or Android).
The rights listed in this section apply to all personal data we process, including analytics and diagnostics data collected through Firebase Analytics and Firebase Crashlytics. While diagnostics collection via Firebase Crashlytics is necessary to ensure the security and stability of the Application and cannot always be fully disabled through in-app settings, you may contact us at any time to request access to, deletion of, or restriction of processing of diagnostics data associated with your device where technically feasible.
To exercise these rights, contact us at [email protected] or through your account settings.
Data Security
We employ modern security measures including encryption, access control, and regular security audits to protect user data against unauthorized access, alteration, or loss.
Data Breach Notification
In the event of a personal data breach, we will notify the relevant supervisory authority within 72 hours and affected users without undue delay, as required by GDPR.
External Links and Third-Party Sites
Our Application may contain links to external websites or services. We are not responsible for the privacy practices of these third-party sites.
Marketing Communications and Consent
User consent is required for marketing communications. Consent can be provided through opt-in forms and may be revoked at any time.
Privacy Policy for Children
Our Application is not intended for children under 16. We do not knowingly collect personal data from children without parental or guardian consent.
User Consent
We obtain user consent through registration forms, pop-up notifications, and permission requests. Users can withdraw consent at any time.
Complaint Procedure
If you have concerns about our data processing practices, you may file a complaint with your local data protection authority or contact us directly.
Changes to the Privacy Policy
We may update this Privacy Policy periodically. Changes will be posted with an updated date.
When new third-party services (such as analytics or advertising tools) are integrated, we will update this Privacy Policy accordingly.
Contact Information
For questions, comments, or requests regarding this Privacy Policy, please contact us at [email protected].
