Privacy Policy

Last updated: 1/6/2024 · 20 min read

1. Introduction

At DealDetectives ("we", "our", or "us"), we respect your privacy and are committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data when you visit our website (thedealdetectives.com) and tell you about your privacy rights and how the law protects you.

We are the DealDetectives, a company registered in the Netherlands. We are the data controller and responsible for your personal data. If you have any questions about this privacy policy or our privacy practices, please contact us at the details provided in the "Contact Information" section.

2. Data we collect

We may collect, use, store and transfer different kinds of personal data about you:

2.1 Information you provide to us:

  • Identity Data (first name, last name, username)
  • Contact Data (email address, telephone number, address)
  • Financial Data (payment card details through our payment processor)
  • Profile Data (your preferences, feedback, and survey responses)
  • Usage Data (how you use our website and services)

2.2 Information we automatically collect:

  • Technical Data (IP address, browser type, device information)
  • Usage Data (statistics about how you use our website)
  • Cookie Data (as described in our Cookie Policy)

3. Legal basis for processing

We only process your personal data when we have a legal basis to do so. The legal bases we rely on are:

  • Contract performance: Processing necessary for the performance of our contract with you (e.g., providing our services, processing payments)
  • Legal obligation: Processing necessary for compliance with legal obligations (e.g., tax laws, consumer protection)
  • Legitimate interests: Processing necessary for our legitimate interests, provided these don't override your rights (e.g., business analytics, security measures)
  • Consent: Processing based on your specific consent (e.g., marketing communications)

3.1 Specific processing purposes

Contract performance:

  • Account creation and management
  • Service delivery and customization
  • Payment processing
  • Customer support

Legal obligation:

  • Tax and accounting records
  • Legal compliance documentation
  • Response to legal requests

Legitimate interests:

  • Service improvement and development
  • Security and fraud prevention
  • Business analytics and reporting
  • Technical issue resolution

Consent-based:

  • Marketing communications
  • Cookie usage (non-essential)
  • Newsletter subscriptions

4. How we use your data

We use your personal data for the following purposes:

4.1 Core service provision

  • Account creation and management
  • Service delivery and customization
  • Payment processing and subscription management
  • Customer support and communication
  • Technical issue resolution

4.2 Service improvement

  • Analytics and performance monitoring
  • User behavior analysis
  • Feature development and optimization
  • Bug fixing and technical improvements

4.3 Security and compliance

  • Fraud prevention and detection
  • Security monitoring and threat detection
  • Legal compliance and reporting
  • Audit logging and security analysis

4.4 Communication

  • Service updates and notifications
  • Marketing communications (with consent)
  • Newsletter distribution
  • Customer feedback and surveys

5. Service providers

We use several third-party service providers to help us operate our service, and they may have access to your personal data. All providers are required to respect the confidentiality of your personal data and are GDPR compliant.

5.1 Our service providers

Vercel (Hosting & Analytics)

Website hosting and performance analytics

Hetzner (Database Hosting)

Secure database hosting and storage

Stripe (Payment Processing)

Payment processing and subscription management

Sentry (Error Tracking)

Application monitoring and error tracking

Resend (Email Service)

Email delivery and transactional communications

  • Company: Resend Inc.
  • Address: 2261 Market Street #5039, San Francisco, CA 94114, USA
  • Data Location: AWS EU Region (Ireland)
  • Privacy Policy: https://resend.com/privacy
  • Data Processing Terms: Contact privacy@resend.com for DPA
  • Data Protection Officer: privacy@resend.com
  • Data Collected: Email addresses, email content, delivery metrics
  • Security Certification: SOC 2 Type II
  • Data Removal: Contact our support team at info@thedealdetectives.com, and we will coordinate the data removal with Resend

Google Analytics

Website analytics and user behavior tracking

Google Tag Manager

Management of tracking and marketing tags

Facebook Pixel

Conversion tracking and ad optimization

6. Data retention periods

We maintain specific retention periods for different types of personal data:

Account information:

  • Active accounts: For the duration of the account
  • Deleted accounts: 30 days after deletion request
  • Payment information: 7 years (legal requirement)

Usage data:

  • Analytics data: 26 months
  • Log files: 90 days
  • Error tracking data: 30 days

Communication data:

  • Support tickets: 2 years after resolution
  • Marketing preferences: Until consent withdrawal
  • Newsletters: Until subscription cancellation

7. Marketing communications and tracking

We use various tools to collect and analyze marketing data:

7.1 Marketing data collection

We use various tools to collect and analyze marketing data:

  • Google Analytics: Helps us understand how users interact with our website by collecting pages visited, time spent, user journey, device information, and demographic data
  • Google Tag Manager: Manages our marketing and analytics tags, enabling consistent tag deployment, campaign tracking, and A/B testing
  • Facebook Pixel: Tracks user behavior and conversions including page views, form submissions, and purchase activities

7.2 Email communications

We use Resend, a professional email service provider, to send our emails. When we send you emails:

  • Your email address and name are processed by Resend
  • Emails are sent from our verified domains
  • Email activity (opens, clicks) may be tracked for service improvement
  • All data is processed in compliance with GDPR

7.3 Your marketing choices

You can control your marketing preferences by:

  • Using the unsubscribe link in our emails
  • Adjusting your preferences in your account settings
  • Contacting our support team

After you opt out, we may still send you non-marketing communications, such as service updates, security alerts, or administrative notices. These essential communications are sent via Resend but are not marketing in nature.

8. Children's privacy

Our services are not intended for children under 18 years of age. We do not knowingly collect or process personal data from children under 18. If you become aware that a child has provided us with personal data, please contact us immediately. If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.

9. Automated decision making

We use automated decision-making and profiling in the following ways:

  • Fraud prevention: Automated systems analyze your actions to protect against fraudulent activities
  • Service personalization: Automated processing to customize your experience based on usage patterns
  • Account security: Automated systems monitor for suspicious activities and may temporarily restrict access

You have the right not to be subject to a decision based solely on automated processing that produces legal effects or similarly significantly affects you. You can contact us to request human intervention, express your point of view, or contest any automated decision.

10. Data security

We have implemented appropriate security measures to prevent your personal data from being accidentally lost, used, accessed, altered, or disclosed in an unauthorized way. These measures include:

  • Encryption of data in transit and at rest
  • Regular security assessments and penetration testing
  • Access controls and authentication requirements
  • Regular backups and disaster recovery procedures
  • Staff training on data protection and security

11. International transfers

We primarily process your personal data within the European Economic Area (EEA). However, some of our service providers may process data outside the EEA. Whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by using specific contracts approved by the European Commission.

12. Changes to this policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date. You are advised to review this Privacy Policy periodically for any changes.

13. Contact information

If you have any questions about this Privacy Policy or our privacy practices, please contact our Data Protection Officer:

DealDetectives
Segment 3
6921RC Duiven
Email: info@thedealdetectives.com
Chamber of Commerce (KVK) Number: 85692611

You have the right to make a complaint at any time to the Dutch Data Protection Authority (Autoriteit Persoonsgegevens), the Dutch supervisory authority for data protection issues (https://autoriteitpersoonsgegevens.nl).

14. Language Disclaimer

This Privacy Policy has been written in English and may be translated into other languages. In case of any inconsistency or discrepancy between the English version and any other language version of this Privacy Policy, the English language version shall prevail and be controlling.