Loading Privacy Policy...

Privacy Policy

Effective: 2025-08-05

1. Who We Are

Welcome to SellVibe ("Platform", "we", "our", "us"), operated by SellVibe MB. This Privacy Policy ("Policy") explains how we collect, use, and protect personal data when you use our Platform. By accessing or using our services, you acknowledge that you have read and understood this Policy. If you do not agree, please discontinue use of our Platform.

1.1 Data Controller

The entity responsible for processing personal data under applicable data protection laws, including the General Data Protection Regulation (GDPR), is:

SellVibe MB
Legal Address: N/A
Registration code: N/A
Email: [email protected]

2. Your Rights

You have rights under data protection laws, including GDPR, to access, rectify, delete, restrict, or object to processing of your personal data. You may also request data portability or withdraw consent where applicable.

2.1 Exercising Your Rights

To exercise these rights, contact us at [email protected]. We may require verification before processing your request.

3. Information We Collect

3.1 Customer Orders

When you place an order with a merchant using SellVibe, we collect:

  • Email Address: Required for order confirmation, support, and fraud prevention.
  • Payment Information: Managed by third-party payment processors (payment providers, etc.).
  • Delivery Information: If required by the seller for digital or physical products.
  • Order History: Stored for support, legal compliance, and dispute resolution.

3.2 Subscription Orders (SellVibe Services)

When merchants subscribe to SellVibe for additional platform features, we collect:

  • Account Information: Email, username, and payment details.
  • Billing Data: Payment method, invoices, and subscription history.
  • Usage Data: Features accessed, plan details, and upgrade history.

3.3 IP Addresses, User Agents, and Location Data

We store IP addresses, browser user agents, and ISO country codes for security, fraud prevention, and analytics. (Legal Basis: Legitimate Interest - GDPR Article 6(1)(f))

4. Security Measures

We implement strong security measures, including:

  • Argon2id Password Hashing: Secure storage for user credentials.
  • Multi-Factor Authentication (MFA): Optional extra layer of security.
  • Rate Limiting & DDoS Protection: Prevents abuse and brute-force attacks.

5. Data Retention

We retain data only as long as necessary:

  • Customer Orders: Retained for 5 years for legal and tax purposes.
  • Subscription Data: Retained while the subscription is active and for 2 years after cancellation.
  • Security & Fraud Logs: Retained for up to 6 years where applicable.

6. Cookies

We use local storage for user authentication and essential cookies for services including:

  • Support (Crisp IM SAS): Chat functionality. Crisp Privacy Policy.
  • Security & Performance (Cloudflare): DDoS protection and traffic management. Cloudflare Privacy Policy.
  • Payment Processing: Secure transactions with various payment providers.

7. Automated Decision-Making & Profiling

We may use automated decision-making for purposes such as fraud prevention, regulatory compliance, and service improvements. Automated systems analyze transaction patterns and may flag potentially fraudulent activity.

Where such decisions significantly affect you, you have the right to request human intervention, express your viewpoint, and challenge the decision. Contact us to exercise this right.

8. Data Portability

8.1 Requesting a Data Archive

You have the right to request an archive of all personal data we hold about you. This request will be processed within 14 days and provided via email in a structured, commonly used format.

9. Data Rectification

9.1 Updating or Deleting Information

You have the right to update or correct any inaccurate or outdated information in your account settings. If you require further modifications or full data deletion, you can submit a request via the Service Administration Dashboard.

10. Forwarded Emails

We store forwarded emails for up to 14 days for performance monitoring and debugging purposes. These may include transaction-related emails for Cash App, PayPal Friends and Family, and other services. After this period, all forwarded emails are automatically deleted.

11. Store Views & Analytics

We collect anonymous store visit data to provide sellers with basic analytics on store performance. The data collected includes:

  • Timestamps: The date and time a store was viewed.
  • ISO Country Codes: The visitor's country based on IP geolocation.
  • View Counter: A count of how many times a store page was accessed.

This data is fully anonymized and does not contain personally identifiable information (PII). It is used solely to generate aggregated statistics for store owners.

Store analytics data is retained for up to 12 months before being permanently deleted.