Privacy and Data Protection Policy

Effective Date: January 20, 2025

1. General Overview

This Privacy and Data Protection Policy (referred to as the “Policy”) outlines how the privacy of users of our website (“Website”) is safeguarded and how their personal data is handled.

Personal data refers to any information relating to an identified or identifiable individual. An identifiable individual is one who can be recognized, either directly or indirectly, through identifiers such as a name, identification number, location data, online identifier, or factors related to their physical, physiological, genetic, mental, economic, cultural, or social identity (referred to as “User” or “Users”).

This Policy aligns with Regulation (EU) 2016/679 of the European Parliament and Council, commonly known as the General Data Protection Regulation (GDPR), which governs the handling and protection of personal data within the European Union.

2. Types and Sources of Collected Data

This Policy applies to personal data collected by the Website operator (“Administrator”) as required to provide and improve services. The types of data collected may include:

  1. Website Interaction Data: Details on how Users interact with the Website, such as pages visited and session durations.
  2. Payment Information: Data necessary to process payments, such as transaction identifiers.
  3. Device Information: Technical details about the devices used to access the Website, including hardware models, operating system versions, and unique device identifiers.
  4. Server Logs: Information like IP addresses, system logs, and cookie data.
  5. Location Data: User-provided location information, such as preset preferences or time zone settings.
  6. Registration Details: Data required to create an account, such as email address, gender, and region.
  7. Optional Profile Data: Additional information Users may provide voluntarily, such as photos, age, physical attributes, or partner preferences.
  8. Verification Data: Information used for identity confirmation, such as phone numbers and user-submitted photographs.
  9. Age Verification Documents: Government-issued identification, such as passports or national ID cards, submitted to confirm the User’s age.
  10. Cookies: Anonymous data collected to improve Website functionality and performance.
  11. Uploaded Metadata: Information embedded in uploaded files, such as EXIF data in photos, unless removed by the User prior to submission.

3. Legal Basis and Purpose of Data Processing

The legal foundations for processing personal data include:

  1. Consent: Processing based on the User’s explicit consent under Article 6(1)(a) of the GDPR.
  2. Legitimate Interest: Activities such as marketing, based on Article 6(1)(f) of the GDPR.
  3. Legal Obligation: Compliance with legal requirements, such as verifying a User’s age, under Article 6(1)(c) of the GDPR.

Data is processed for purposes including:

  • Service Delivery: Ensuring the proper functioning and accessibility of Website features.
  • Customer Support: Utilizing contact details to assist registered Users.
  • Content Personalization: Adapting displayed content and marketing efforts based on User data.
  • Analytics and Insights: Gathering metrics such as visit numbers, user demographics, and browsing patterns.
  • Security and Functionality: Enhancing website security, addressing illegal activities, and protecting intellectual property rights.
  • Compliance: Ensuring adherence to Website policies and applicable regulations.

4. Data Retention

Personal data will be retained:

  • For as long as necessary to deliver Website services.
  • During the validity of the User’s account.
  • Until the User revokes consent for marketing data processing.

Once the applicable retention period expires, the Administrator will delete the personal data.

5. Data Sharing and Disclosure

Collected data may be shared in specific cases, such as:

  1. Public Content: Content not marked as private may be publicly visible.
  2. Service Providers: Third parties involved in payment processing or other essential services.
  3. Legal Successors: In the event of a merger, acquisition, or transfer of ownership, data may be shared with the successor entity.
  4. Legal Compliance: Data may be disclosed to law enforcement or regulatory authorities to prevent illegal activities or protect rights.

The Administrator acts as the sole data processor unless otherwise specified.

6. User Rights

Users have the following rights under GDPR, among others:

  1. Access: Request access to their personal data (Article 15).
  2. Rectification: Request corrections to inaccurate or incomplete data (Article 16).
  3. Erasure: Request deletion of personal data (Article 17).
  4. Restriction: Request limitations on data processing (Article 18).
  5. Portability: Request a copy of their data in a structured, machine-readable format (Article 20).
  6. Objection: Object to specific types of data processing (Article 21).

Users can exercise these rights via their account settings or by contacting the Administrator.

If a User requests data deletion under Article 17, critical account-related data such as email addresses or phone numbers will be deleted, resulting in the termination of their account. Deletion requests may take up to six months to process.

7. Data Administration and Security

The Administrator and data processor is Takeitoff LLC, and can be reached at support@takeitoff.me.

While a Data Protection Officer has not been appointed, appropriate technical and organizational measures are in place to secure personal data. Access is restricted to authorized personnel only.

8. Final Provisions

By using the Website, Users confirm their acknowledgment and acceptance of this Policy.

This Policy is governed by the applicable provisions of the GDPR and other relevant regulations.

This Policy is effective as of 01.01.2025.