Skip to content

Your cart is empty

Have an account? Log in to check out faster.

Continue shopping

Data protection

Introduction

 

We ("we," "us," "our") take the protection of the data of users ("users" or "you") of our website and/or mobile app (the "website" or "mobile app" respectively) very seriously and are committed to protecting the information that users provide to us in connection with the use of our website and/or mobile app (together: "digital assets"). Furthermore, we are committed to protecting and using your data in accordance with applicable law.

 

This Privacy Policy explains our practices regarding the collection, use, and disclosure of your data through the use of our digital assets (the "Services") when you access the Services through your devices.

 

Please read the Privacy Policy carefully and make sure you fully understand our practices regarding your data before using our services. If you have read and fully understood this policy and do not agree with our approach, you must discontinue using our digital assets and services. By using our services, you acknowledge the terms of this Privacy Policy. Continued use of the Services constitutes your agreement to this Privacy Policy and any changes thereto.

 

In this Privacy Policy, you will learn:

  • How we collect data

  • What data we collect

  • Why we collect this data

  • With whom we share the data

  • Where the data is stored

  • How long the data is retained

  • How we protect the data

  • How we handle minors

  • Updates or changes to the Privacy Policy

 

What data do we collect?

 

Below is an overview of the data we may collect:

 

  • Unidentified and non-identifiable information that you provide during the registration process or that is collected through the use of our services ("non-personal data"). Non-personal data does not allow conclusions to be drawn about who collected it. Non-personal data we collect primarily consists of technical and aggregated usage information.

  • Individually identifiable information, i.e., all information by which you can be identified or could be identified with reasonable effort ("personal data"). Personal data that we collect through our services may include information requested from time to time, such as names, email addresses, addresses, phone numbers, IP addresses, and more. When we combine personal with non-personal data, as long as it remains combined, we treat it as personal data.

 

How do we collect data?

 

Below are the main methods we use to collect data:

 

  • We collect data when you use our services. So, when you visit our digital assets and use services, we may collect, record, and store usage, sessions, and related information.

  • We collect data that you provide to us yourself, for example, when you contact us directly via a communication channel (e.g., an email with a comment or feedback).

  • We may collect data from third-party sources as described below.

  • We collect data you provide when you sign up for our services through a third party like Facebook or Google.

 

Why do we collect this data?

 

We may use your data for the following purposes:

 

  • to provide and operate our services;

  • to develop, adapt, and improve our services;

  • to respond to your feedback, inquiries, and requests and to offer assistance;

  • to analyze demand and usage patterns;

  • for other internal, statistical, and research purposes;

  • to improve our data security and fraud prevention capabilities;

  • to investigate violations and enforce our terms and policies, and to comply with applicable law, regulations, or governmental orders;

  • to send you updates, news, promotional materials, and other information related to our services. For promotional emails, you can decide whether you want to continue receiving them. If not, simply click the unsubscribe link in these emails.

 

To whom do we share this data?

 

We may share your data with our service providers to operate our services (e.g., storing data through third-party hosting services, providing technical support, etc.).

 

We may also disclose your data in the following circumstances: (i) to investigate, detect, prevent, or take action regarding illegal activities or other misconduct; (ii) to establish or exercise our rights of defense; (iii) to protect our rights, property, or personal safety and the safety of our users or the public; (iv) in the event of a change of control of us or any of our affiliated companies (through merger, acquisition, or purchase of (substantially) all assets, among others); (v) to collect, hold, and/or manage your data through authorized third-party service providers (e.g., cloud service providers) to the extent reasonable for business purposes; (vi) to collaborate with third-party providers to improve your user experience. To avoid misunderstandings, we would like to point out that we may transfer, share, or otherwise use non-personal data with third parties at our discretion.

 

Category: User has a blog or forum

 

Please note that our services enable social interactions (e.g., publicly posting content, information, and comments, and chatting with other users). We advise you that any content or data you provide in these areas may be read, collected, and used by others. We discourage you from posting or sharing information that you do not wish to make public. If you upload content to our digital assets or otherwise make it available as part of using a service, you do so at your own risk. We cannot control the actions of other users or members of the public with access to your data or content. You acknowledge and hereby affirm that copies of your data may remain retrievable even after their deletion on cached and archived pages or after a third party has created a copy/stored your content.

 

Cookies and similar technologies

 

When you visit or access our services, we authorize third parties to use web beacons, cookies, pixel tags, scripts, and other technologies and analytical services ("tracking technologies"). These tracking technologies may allow third parties to automatically collect your data to improve the navigation experience on our digital assets, optimize their performance, and ensure a customized user experience, as well as for security and fraud prevention purposes.

 

To learn more, please read our Cookie Policy.

 

Without your consent, we will not share your email address or other personal data with advertising companies or advertising networks.

 

We may deliver advertising through our services and digital assets (including websites and applications that use our services), which may also be tailored to you, such as ads based on your recent browsing behavior on websites, devices, or browsers.

 

To deliver these advertisements to you, we may use cookies and/or JavaScript and/or web beacons (including clear GIFs) and/or HTML5 Local Storage and/or other technologies. We may also use third parties, such as network advertisers (i.e., third parties that display advertisements based on your website visits), to serve targeted ads. Third-party ad network providers, advertisers, sponsors, and/or website traffic measurement services may also use cookies and/or JavaScript and/or web beacons (including clear GIFs) and/or Flash cookies and/or other technologies to measure the effectiveness of their ads and customize advertising content for you. These third-party cookies and other technologies are subject to the specific privacy policy of the respective third party and not this one.

 

Where do we store the data?

 

Non-personal data

 

Please note that our companies, as well as our trusted partners and service providers, are located all over the world. For the purposes explained in this Privacy Policy, we store and process all non-personal data we collect in different jurisdictions.

 

Personal data

 

Personal data may be maintained, processed, and stored in the United States, Ireland, South Korea, Taiwan, Israel, and, as far as necessary for the proper provision of our services and/or legally required (as further explained below), in other jurisdictions.

 

How long is the data retained?

 

Please note that we retain the collected data for as long as necessary to provide our services, to comply with our legal and contractual obligations to you, to resolve disputes, and to enforce our agreements.

 

We may correct, supplement, or delete inaccurate or incomplete data at any time at our discretion.

How do we protect the data?

 

The hosting service for our digital assets provides us with the online platform through which we can offer you our services. Your data may be stored through our hosting provider's data storage, databases, and general applications. It stores your data on secure servers behind a firewall and provides secure HTTPS access to most areas of its services.

 

All payment options offered by us and our hosting provider for our digital assets comply with the regulations of the PCI-DSS (Payment Card Industry Data Security Standard) of the PCI Security Standards Council. This is a collaboration of brands such as Visa, MasterCard, American Express, and Discover. PCI-DSS requirements help ensure the secure handling of credit card data (including physical, electronic, and procedural measures) by our shop and service providers.

 

Notwithstanding the measures and efforts taken by us and our hosting provider, we cannot and will not guarantee absolute protection and security of the data you upload, publish, or otherwise share with us or others.

 

For this reason, we ask you to set secure passwords and, if possible, not to provide us or others with confidential information whose disclosure you believe could cause you significant or lasting harm. Since email and instant messaging are not considered secure forms of communication, we also ask you not to share confidential information through any of these communication channels.

 

How do we handle minors?

 

The services are not intended for users who have not yet reached the legal age of majority. We will not knowingly collect data from children. If you are not yet of legal age, you should not download or use the services and should not provide us with any information.

 

We reserve the right to request proof of age at any time to verify whether minors are using our services. In the event that we become aware that a minor is using our services, we may prohibit these users from accessing our services and block them, and we may delete any data we have stored about these users. If you have reason to believe that a minor has provided us with data, please contact us as explained below.

 

We will only use your personal data for the purposes specified in the privacy policy and only if we are convinced that:

 

  • the use of your personal data is necessary to fulfill or conclude a contract (e.g., to provide you with the services themselves or customer service or technical support);

  • the use of your personal data is necessary to comply with corresponding legal or regulatory obligations, or

  • the use of your personal data is necessary to support our legitimate business interests (provided that this is always done in a proportionate manner and respects your data protection rights).

 

As an EU resident, you can:

 

  • request confirmation as to whether or not personal data concerning you is being processed, and request access to your stored personal data as well as certain additional information;

  • request the receipt of personal data that you have provided to us, in a structured, commonly used, and machine-readable format;

  • request the rectification of your personal data stored by us;

  • request the deletion of your personal data;

  • object to the processing of your personal data by us;

  • request the restriction of the processing of your personal data, or

  • lodge a complaint with a supervisory authority.

 

Please note, however, that these rights are not absolute and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal data we collect and its use, please contact us as indicated below.

In the course of providing the services, we may transfer data across borders to affiliated companies or other third parties and from your country/jurisdiction to other countries/jurisdictions worldwide. By using the services, you consent to the transfer of your data outside the EEA.

 

If you are a resident of the EEA, your personal data will only be transferred to locations outside the EEA if we are convinced that an adequate or comparable level of protection for personal data exists. We will take appropriate steps to ensure that we have appropriate contractual agreements with our third parties to ensure that appropriate safeguards are in place so that the risk of unlawful use, alteration, deletion, loss or theft of your personal data is minimized and that these third parties act in accordance with applicable laws at all times.

 

California Consumer Protection Act Rights

 

If you use the services as a California resident, you may be entitled to request access to and deletion of your data under the California Consumer Privacy Act ("CCPA").

 

To exercise your right to access and delete your data, please see how to contact us below.

 

We do not sell users' personal data for the intentions and purposes of the CCPA.

 

Users of the services who are California residents and under 18 years of age may request and obtain the deletion of their published content by email at the address provided in the "Contact" section below. These requests must all be marked "California Removal Request." All requests must include a description of the content you wish to have deleted and sufficient information to enable us to locate the material. We do not accept communications that are not marked or not properly transmitted, and we may not be able to respond if you do not provide sufficient information. Please note that your request does not ensure that the material will be completely or comprehensively deleted. Material you publish may, for example, be republished or reposted by other users or third parties.

 

Updates or changes to the Privacy Policy

 

We may revise this Privacy Policy from time to time at our sole discretion; the version published on the website is always current (see "Last Updated" date). We encourage you to review this Privacy Policy regularly for changes. For material changes, we will post a notice on our website. Your continued use of the services after notification of changes to our website constitutes your acknowledgment and acceptance of the changes to the Privacy Policy and your agreement to be bound by the terms of these changes.

 

Contact

 

If you have general questions about the services or the data we collect about you and its use, please contact us at:

 

Name: BIBITA GmbH

Address: Spittelberggasse 11, Lokal 2, 1070 Vienna, Austria

Email address: office@bibita.at

 

DISCLAIMER

 

The information contained herein does not constitute legal advice and you should not rely solely on it. Specific requirements regarding legal terms and policies may vary from state to state and/or jurisdiction to jurisdiction. As set out in our Terms of Use, you are responsible for ensuring that your services are permissible under and comply with applicable law.

 

To ensure that you fully comply with your legal obligations, we strongly recommend that you seek professional advice to better understand which requirements specifically apply to you.