Rinbang (currently a developing startup in Germany, to be formally registered as a legal entity in the future) respects your privacy and is committed to protecting your personal data. This document explains how we collect, use, share, and protect your information when you use the Rinbang.com website and its services.
Please read this policy carefully. By using our services, you agree to the terms outlined in this policy.
1) Information We Collect and Our Lawful Basis
We may collect the following types of information:
Personal Data
- Information you provide directly to us: your email address (registration & communication), gender and year of birth (aggregated analytics/personalization), and your phone number (optional, account recovery/important notices).
- Lawful Basis: mainly the performance of our contract, and in specific cases your explicit consent.
- Important Note: stored securely and not visible to other users.
Profile Information
- Optional username and profile picture.
- Lawful Basis: contract performance + your consent for public display.
- Note: Only this may be visible publicly, if you choose.
Usage & Activity Data
Posts, comments, hashtags, donations (“rockets”), Impact Point, public figures you support, and other interactions. Lawful Basis: contract performance and our legitimate interests (improving performance, UX, and security).
Technical & Device Information
Device/OS, IP address, device ID, browser info. Lawful Basis: our legitimate interests in security, error detection, and stability.
Log Data
Timestamps of sign-in/out and related events. Lawful Basis: legitimate interests (account management, security, and operational analytics).
Cookies & Similar Technologies
We use essential cookies (legitimate interests) and optional cookies (analytics/functional) based on your explicit consent via our cookie banner. You can manage preferences any time.
2) How We Use Your Information
- Providing & Improving: deliver and enhance the platform; personalize experience; support.
- Communications: service emails/notifications; support responses.
- Analytics: aggregated/anonymized insights to improve UX and features.
- Security & Abuse Prevention: detect fraud, spam, misuse.
- Legal Compliance: comply with EU/German laws.
No automated decision-making: we don’t make decisions solely based on automated processing that produce legal or similarly significant effects.
3) Sharing Your Information
We don’t share personally identifiable data (like real name, email, phone) with third parties. Activity is anonymous by default unless you choose to show your username/profile picture.
- With Your Consent: withdraw any time.
- Service Providers (Processors): hosting, analytics, support, payments under GDPR-compliant DPAs.
- Legal Requirements: valid authority/court orders.
- Protecting Rights: protect rights, property, or safety of Rinbang/users.
- Aggregated & Anonymized Insights: we may share/sell insights that cannot identify individuals (e.g., hashtag trends, geo interest).
Payments/Donations
Processed by secure payment providers. We do not store card details; processors handle them under their compliance obligations.
International Transfers
Primarily hosted in the EEA. If transfers outside the EEA are necessary, we rely on appropriate safeguards like the European Commission’s Standard Contractual Clauses (SCCs) or equivalent.
4) Security of Your Information
We apply industry-standard security (TLS, encryption in transit/at rest, access controls, monitoring). No system is 100% secure, but we follow best practices to protect your information.
5) Data Retention Period
We retain personal data only as long as necessary for stated purposes or as required by law; then delete or anonymize it. Examples may include: security logs ~12 months; support tickets up to 24 months; backups 30–90 days; financial records per law.
6) Your Rights Under GDPR
- Access and Copy of your data
- Rectification of inaccurate/incomplete data
- Erasure (“Right to be Forgotten”) under conditions
- Restriction of processing under conditions
- Data Portability in machine-readable format
- Object to processing (legitimate interests/direct marketing)
- Withdraw Consent at any time (without affecting prior lawful processing)
- Complain to a supervisory authority in Germany or your country
We aim to respond within one month (extendable by two months for complex requests). We may verify identity before acting.
7) User Age
Rinbang is designed for individuals aged 16+. If we learn we collected information from someone under this age, we will delete it.
8) Changes to This Policy
We may update this policy to reflect changes in practices, laws, or technologies. We’ll update the “Last Updated” date and, for significant changes, may notify you via email or in-product notices.
9) Contact Us
If you have questions or wish to exercise your rights, contact privacy@rinbang.com.