Privacy Policy

1. Introduction & Scope

JustRype LLC ("JustRype," "we," "us," or "our") is deeply committed to safeguarding the privacy of our users and managing personal data responsibly and transparently. This Privacy Policy meticulously details our practices regarding the collection, processing, storage, and disclosure of personal information within the JustRype marketplace platform ("Platform"). This policy applies to all users of our Platform, including individuals, agricultural enterprises, and any visitors, irrespective of their location.

JustRype strives to comply with all applicable data protection laws and regulations, including but not limited to the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) as amended, the General Data Protection Regulation (GDPR) for users within the European Economic Area and the UK, and other relevant global privacy laws.

By using our Platform, you acknowledge and consent to the practices described in this Privacy Policy. We encourage you to read this policy in its entirety to understand your rights and our commitments to your privacy.

2. Categories of Personal Data Collected

JustRype collects and processes the following categories of personal data to operate effectively, provide you with the best experiences with our Platform, and to improve our services:

User-Provided Data

This encompasses information you actively provide when using our Platform.

• Personal Identifiers: Including but not limited to: full name, postal address, email address, telephone numbers, username and password for account creation and authentication, and social media handles (if linked).
• Profile Information: Data related to your user profile, such as profile pictures, biographical information, stated preferences, and interests.
• Transactional Data: Records of transactions conducted on our Platform, including purchase history, sales history, payment information (though actual payment processing might be through third-party services, details of transactions are recorded), details of listings, orders, invoices, and shipping information.
• Content and Communications: Any content you post, upload, or transmit through the Platform, such as product listings, reviews, feedback, inquiries, and direct communications with us or other users through Platform messaging features, including chat logs and email correspondence.
• Marketing and Communication Preferences: Your preferences in receiving marketing communications from us and your communication preferences.

System-Generated Data

Information automatically collected as you interact with our Platform.

• Technical Identifiers: IP addresses, device identifiers (e.g., UUID, device name, device type), operating system, browser type and version, browser fingerprinting data, and mobile network information.
• Usage Data and Analytics: Information about your interactions with the Platform, such as pages visited, content viewed, features used, search queries, clickstream data, time spent on pages, and navigation paths.
• Location Data: Precise or approximate location information collected from your device if you have enabled location services. This may include GPS coordinates, Wi-Fi location, and location derived from your IP address.
• Log Data: Server logs that record details of your use of the Platform, including access times, dates, error reports, and system activity.
• Cookies and Tracking Technologies Data: Data collected through cookies, web beacons, pixels, and similar tracking technologies as detailed in our Cookie Policy. This includes data for authentication, session management, analytics, and potentially advertising (subject to consent).

Third-Party Data Sources

Information obtained from legitimate third-party sources.

• Service Integrations: Data received through authorized integrations with external services, such as payment processors (e.g., Stripe, PayPal) for transaction processing, analytics providers (e.g., Google Analytics, Mixpanel) for usage analysis, and potentially social media platforms if you choose to link your social media account to our Platform. The types of data received will depend on the third-party service and your privacy settings with those services, and may include transaction confirmations, analytical insights, and profile information.
• Publicly Available Information: Data collected from publicly accessible sources where legally permissible, such as public social media profiles, company registries, and online databases.

3. Purposes of Data Processing and Legal Bases

JustRype processes your personal data for the following purposes, each aligned with a specific legal basis as required under data protection regulations:

Platform Functionality, User Authentication, and Account Management

• Purpose: To enable core functionalities of the Platform, such as user registration, account creation and management, user login and authentication, profile maintenance, providing personalized dashboards, and enabling communication between users.
• Legal Basis: Contractual Necessity – Processing is necessary for the performance of the contract between you and JustRype (i.e., to provide you with the Platform services you requested).

Security Monitoring, Fraud Detection, and Compliance Enforcement

• Purpose: To ensure the security and integrity of our Platform, monitor for and prevent fraudulent activities, protect against misuse and abuse, enforce our Terms of Service, and comply with applicable legal and regulatory obligations (e.g., KYC/AML compliance, responding to legal requests).
• Legal Basis: Legitimate Interests – Processing is necessary for our legitimate interests in ensuring the security and integrity of our Platform, protecting our users and business from fraud and illegal activities, and complying with legal obligations. These interests are balanced against your rights and freedoms.

Optimize User Experience through Personalization and Targeted Communication

• Purpose: To personalize your experience on the Platform by providing tailored content, recommendations, and features based on your preferences and usage patterns; to send you relevant communications, including service updates, administrative messages, and, where you have provided consent, marketing communications and promotional offers.
• Legal Basis: Consent (for marketing communications and non-essential personalization features involving tracking technologies) and Legitimate Interests (for service-related communications and essential personalization to improve core platform functionality). Where consent is relied upon, we will ensure you have the right to withdraw your consent easily. Our legitimate interest in personalization involves improving the quality of our services and user satisfaction, balanced against your rights to privacy.

Fulfill Contractual Obligations and Support Legitimate Business Operations

• Purpose: To process transactions, manage subscriptions, provide customer support, respond to inquiries, conduct data analysis to improve our Platform, perform auditing and reporting, and for other essential business operations such as platform development, testing, and maintenance.
• Legal Basis: Contractual Necessity (for transaction processing and service delivery), Legitimate Interests – Processing is necessary for our legitimate interests in operating and improving our business, providing effective customer support, and ensuring the ongoing functionality and improvement of the Platform. These legitimate interests are balanced against your rights.

4. Data Sharing and Third-Party Disclosure

JustRype may share your personal data with third parties only under specific circumstances and for legitimate purposes, as outlined below:

Service Providers

We engage third-party vendors to perform services on our behalf, which may involve processing personal data. These services include:

• Hosting and Infrastructure Providers: To host our Platform and store data (e.g., AWS, Google Cloud).
• Analytics Providers: To analyze Platform usage and improve our services (e.g., Google Analytics, Mixpanel).
• Payment Processors: To process payments securely (e.g., Stripe, PayPal).
• Customer Support Services: To assist with user inquiries and support requests.
• Email Marketing and Communication Platforms: To manage and send emails and other communications (e.g., Mailchimp, SendGrid).
• Security and Fraud Prevention Services: To help us detect and prevent fraud and enhance security.
• Advertising and Marketing Partners: For delivering targeted advertising and measuring advertising effectiveness (subject to user consent where required).

We have contractual agreements with these service providers that include data protection clauses to ensure that personal data is processed only according to our instructions and in compliance with this Privacy Policy and applicable laws. These agreements typically mandate confidentiality and appropriate security measures.

Regulatory and Legal Authorities

We may disclose personal data to regulatory bodies, law enforcement agencies, courts, or other public authorities if we are legally required to do so, or if we have a good-faith belief that such disclosure is necessary to:

• Comply with a legal obligation, legal process, or government request.
• Enforce our Privacy Policy, Terms of Service, and other agreements.
• Respond to claims that content violates the rights of others.
• Protect the rights, property, or safety of JustRype, our users, or the public.
• Prevent or investigate possible wrongdoing in connection with the Platform.

Business Transitions

In the event of a corporate restructuring, merger, acquisition, sale of assets, or bankruptcy, personal data may be transferred to the acquiring entity or third party involved. We will ensure that:

• Users are notified of such a data transfer and any changes to data processing.
• The acquiring entity or new entity will continue to protect personal data in accordance with the commitments made in this Privacy Policy, or users will be given choice if the policy is materially changed.
• Where legally required (e.g., under GDPR), we will ensure appropriate safeguards are in place for data transfers during business transitions.

With Your Consent

We may share your personal data with third parties in other circumstances where we have your explicit consent to do so. You have the right to withdraw your consent at any time.

5. Use of Cookies and Tracking Technologies

Our Platform utilizes cookies, web beacons, pixels, and other similar tracking technologies to enhance user experience, analyze Platform usage, personalize content, facilitate security measures, and support marketing efforts.

A detailed explanation of our use of these technologies, the types of cookies we use, their purposes, and how you can manage your preferences is provided in our separate Cookie Policy. We encourage you to review our Cookie Policy for comprehensive information.

You have choices regarding the use of cookies and tracking technologies as described in our Cookie Policy and generally through your browser settings. Please note that disabling certain cookies may affect the functionality and user experience of our Platform.

6. User Rights and Data Subject Controls

Users retain the right to:

• Access, rectify, or delete their personal data.
• Restrict or object to data processing where applicable under GDPR.
• Exercise data portability rights, permitting the transfer of their data to alternative service providers.
• Opt out of non-essential communications and targeted advertising.

7. Data Security Measures

JustRype implements robust and comprehensive security measures designed to protect your personal data from unauthorized access, use, alteration, disclosure, or destruction. These measures include:

Encryption

We use industry-standard encryption technologies to protect your personal data both in transit and at rest. This includes Secure Socket Layer (SSL) or Transport Layer Security (TLS) for data transmission and encryption of data at rest in our databases.

Access Controls

We implement strict access control mechanisms to limit access to personal data to authorized personnel only. This includes role-based access controls, principle of least privilege, and strong password policies.

Multi-Factor Authentication (MFA)

We encourage and may enforce multi-factor authentication for account access to add an extra layer of security.

Regular Security Audits and Vulnerability Assessments

We conduct routine security audits, penetration testing, and vulnerability assessments to identify and address potential security weaknesses in our systems and processes.

Incident Response Plan

We have a documented incident response plan to effectively manage and mitigate data breaches or security incidents, including procedures for containment, eradication, recovery, and notification as required by applicable laws.

Data Minimization and Pseudonymization

Where appropriate and feasible, we apply data minimization principles and use pseudonymization techniques to reduce the risk associated with personal data processing.

Physical Security

Our data centers and servers are physically secured with appropriate measures to prevent unauthorized physical access.

Employee Training

We provide regular training to our employees on data protection best practices, privacy policies, and security procedures to ensure a culture of data protection.

Data Backup and Disaster Recovery

We maintain regular backups of data and have disaster recovery plans in place to ensure business continuity and data availability in the event of system failures or disasters.

Security Technology Updates

We continuously update our security technologies and monitor for new threats to ensure our security measures remain effective and up-to-date with evolving security landscapes.

While we strive to protect your personal data, no method of transmission over the internet or method of electronic storage is completely secure. Therefore, while we use commercially reasonable means to protect your personal data, we cannot guarantee its absolute security.

In the event of a data breach, we will comply with all applicable legal requirements regarding notification to users and relevant supervisory authorities.

8. Data Retention and Erasure Policies

JustRype retains your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the volume, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

Specifically, we apply the following data retention guidelines:

Account Data

We generally retain your account data, profile information, and transactional history for as long as your account is active and for a period thereafter to allow you to easily reactivate your account, should you choose to do so. After an extended period of account inactivity, we may anonymize or delete your account data, unless we are required to retain it for legal or regulatory reasons. Generally, this occurs within 2 years of account inactivity.

Marketing Communication Preferences

We retain your marketing communication preferences until you opt out of receiving such communications, plus a short period to ensure we can honor your request in our systems.

Usage Data and Analytics Data

Analytics data is typically retained in an aggregated and anonymized form for 5 years to analyze trends, improve our services, and for business reporting.

Customer Support Interactions

Records of customer support interactions, including communications, may be retained for 3 years to assist with future inquiries, improve our support services, and for training purposes.

Legal and Regulatory Compliance Data

We may need to retain certain personal data for longer periods to comply with legal or regulatory obligations (e.g., tax laws, financial auditing requirements, legal defense). Retention periods in these cases will be determined by the specific legal obligation.

Data Erasure Requests

Upon your verified request for data erasure (Right to be Forgotten), we will take reasonable steps to permanently delete your personal data from our active systems and ensure it is not recoverable or available in a usable format, unless retention is required by law or for legitimate business purposes (e.g., fraud prevention, security, dispute resolution). Where data is retained for legal or legitimate purposes, we will ensure it is appropriately secured and only accessed for those specific purposes.

Following data erasure, we will confirm to you that your request has been processed, in accordance with applicable data protection laws.

9. Protection of Minors

JustRype does not knowingly collect or process personal data from individuals under the age of 18. If such data is inadvertently collected, remedial measures will be taken to expunge it from our systems.

10. Third-Party Links and External Services

The Platform may contain links to third-party websites, applications, and services that are not owned or controlled by JustRype. We are not responsible for the privacy practices or the content of these third-party platforms. When you click on a link to a third-party platform, or engage with a third-party service integrated into our Platform, you are leaving our Platform and interacting with the third party directly.

This Privacy Policy applies solely to personal data processed by JustRype. We strongly encourage you to be aware when you leave our Platform and to review the privacy policies of each and every website and service you visit and interact with, especially before providing any personal data. Your browsing and interaction on any third-party website or service, including those that have a link or integration on our Platform, are subject to that third party's own rules and policies, not ours.

We provide these links and integrations for your convenience only, and such provision does not constitute an endorsement by JustRype of any third-party platform, service, or content.

11. Modifications to the Privacy Policy

JustRype reserves the right to update or modify this Privacy Policy at any time to reflect changes in our data processing practices, legal requirements, or Platform features. When we make material changes to this Privacy Policy, we will provide you with prominent notice as appropriate under the circumstances, such as by:

• Displaying a notice within the Platform
• Sending you an email notification to your registered email address
• Posting an announcement on our website

We will update the "Last Updated" date at the beginning of this Privacy Policy to indicate when the latest revisions were made.

For significant changes that may materially affect your rights or the way we process your personal data, we will endeavor to provide notice at least 30 days prior to the changes taking effect, giving you sufficient time to review the updated policy. Your continued use of the Platform after the effective date of a revised Privacy Policy constitutes your acceptance of the updated policy. If you do not agree with the revised policy, you should discontinue your use of the Platform.

We encourage you to periodically review this Privacy Policy to stay informed about our data protection practices.

12. Contact and Inquiries

If you have any questions, concerns, requests, or complaints regarding this Privacy Policy or our data protection practices, or if you wish to exercise any of your data subject rights, please contact us at:

We are committed to addressing your inquiries and resolving any concerns you may have regarding the processing of your personal data. We will endeavor to respond to your inquiries in a timely manner and in accordance with applicable data protection laws.

---

By accessing and utilizing JustRype, users affirm their understanding and acceptance of this Privacy Policy, recognizing JustRype's role as a facilitator of user interactions while maintaining rigorous data governance practices.